Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2020/12/11 12:0 a.m.1793 views

Aerospike Database UDF Lua Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Aerospike Database UDF Lua Code Execution', 'Description' = %q Aerospike Database versions before 5.1.0.3 permitted user-defined functions UDF to...

10CVSS0.6AI score0.86749EPSS
Exploits8
Packet Storm
Packet Storm
added 2020/11/17 12:0 a.m.719 views

Aerospike Database 5.1.0.3 Remote Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

10CVSS0.3AI score0.86749EPSS
Exploits8
0day.today
0day.today
added 2020/11/17 12:0 a.m.138 views

Aerospike Database 5.1.0.3 - OS Command Execution Exploit

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect except Exception a...

10CVSS9.6AI score0.86749EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/11/17 12:0 a.m.1268 views

Aerospike Database 5.1.0.3 - OS Command Execution

Exploit Title: Aerospike Database 5.1.0.3 - OS Command Execution Date: 2020-08-01 Exploit Author: Matt S Vendor Homepage: https://www.aerospike.com/ Version: &1|nc ip port /tmp/ft&' def getclientcfg: try: return aerospike.client 'hosts': cfg.ahost, cfg.aport, 'policies': 'timeout': 8000.connect...

10CVSS9.6AI score0.86749EPSS
Exploits8
Circl
Circl
added 2020/08/05 4:55 p.m.25 views

CVE-2020-13151

creationtimestamp| type| source ---|---|--- 2020-08-05 16:55:16+00:00| seen| https://t.me/cibsecurity/13884 2020-12-10 17:14:31+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/aerospikedatabaseudfcmdexec.rb 2021-05-17 01:38:24+00:00| seen|...

10CVSS7.6AI score0.86749EPSS
Exploits8References3
CVE
CVE
added 2020/08/05 12:36 p.m.319 views

CVE-2020-13151

CVE-2020-13151 affects the Aerospike Community Edition, specifically versions around 4.9.0.5. The vulnerability allows an unauthenticated user to submit a crafted Lua UDF that can execute arbitrary OS commands via os.execute(), enabling remote command execution on all cluster nodes with the Aeros...

10CVSS9.7AI score0.86749EPSS
Exploits8References6Affected Software1
GithubExploit
GithubExploit
added 2020/08/01 2:29 p.m.1478 views

Exploit for OS Command Injection in Aerospike Aerospike_Server

CVE-2020-13151 POC Aerospike Database 5.1.0.3 Host Com...

10CVSS7.8AI score0.86749EPSS
Exploits8
Rows per page
Query Builder