Lucene search
+L

4 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.157 views

Cisco Data Center Network Manager Unauthenticated File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated File Download', 'Description' = %q DCNM exposes a servlet to download files on...

9.8CVSS7AI score0.82815EPSS
Exploits8
Circl
Circl
added 2020/07/16 3:38 p.m.12 views

CVE-2019-1621

creationtimestamp| type| source ---|---|--- 2020-07-16 15:38:10+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/networking/ciscodcnmdownload.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:13+00:00| see...

7.5CVSS7.6AI score0.29816EPSS
Exploits4References1
Metasploit
Metasploit
added 2020/06/22 10:11 a.m.137 views

Cisco Data Center Network Manager Unauthenticated File Download

DCNM exposes a servlet to download files on /fm/downloadServlet. An authenticated user can abuse this servlet to download arbitrary files as root by specifying the full path of the file. This module was tested on the DCNM Linux virtual appliance 10.42, 11.01 and 11.11, and should work on a few...

9.8CVSS7.1AI score0.82815EPSS
Exploits8
CVE
CVE
added 2019/06/27 3:5 a.m.118 views

CVE-2019-1621

CVE-2019-1621 affects Cisco Data Center Network Manager (DCNM) web-based management interface. The issue stems from incorrect permissions settings that could allow an unauthenticated, remote attacker to download arbitrary files from the device via the web servlet (e.g., /fm/downloadServlet). Conn...

7.5CVSS7.7AI score0.29816EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder