4 matches found
CVE-2019-5029
creationtimestamp| type| source ---|---|--- 2023-12-14 00:02:55+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6176 2023-12-18 12:17:24+00:00| seen| https://t.me/arpsyndicate/1980 2024-02-14 08:17:02+00:00| seen| https://t.me/ctinow/184454 2025-01-16 16:00:10+00:00|...
Soabase Exhibitor UI Config Command Injection (CVE-2019-5029)
A command injection vulnerability exists in Soabase Exhibitor, an open source project from Netflix. The vulnerability is due to improper validation of user-supplied input in the Config tab of Exhibitor web interface. A remote unauthenticated attacker can exploit the vulnerability by sending craft...
Exhibitor 1.0.9 <= 1.7.1 RCE Vulnerability
Exhibitor is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2019-5029
Exploitable command-injection exists in Exhibitor Web UI Config editor (versions 1.0.9–1.7.1). Arbitrary shell commands enclosured in backticks or $(...) are executed by the Exhibitor process when ZooKeeper is launched, allowing an attacker to run commands as the Exhibitor user. Connected sources...