Lucene search
+L

8 matches found

checkpoint_advisories
checkpoint_advisories
added 2020/11/28 12:0 a.m.5 views

Cayin CMS Command Injection (CVE-2020-7357)

A command injection vulnerability exists in Cayin CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS5.5AI score0.33874EPSS
Exploits8
nvd
nvd
added 2020/08/06 4:15 p.m.22 views

CVE-2020-7357

Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTPServerIP' HTTP POST parameter in system.cgi page. This issue affects several...

9.9CVSS9.8AI score0.33874EPSS
Exploits8References3
cve
cve
added 2020/08/06 3:45 p.m.101 views

CVE-2020-7357

CVE-2020-7357 relates to Cayin CMS where an authenticated OS semi-blind command injection is possible via the NTP_Server_IP/NTP IP parameter in system.cgi. The issue requires authentication (default credentials) and can allow execution of arbitrary shell commands as root. Affected are multiple Ca...

9.9CVSS9.8AI score0.33874EPSS
Exploits8References3Affected Software1
0daydb
0daydb
added 2020/06/21 9:10 a.m.353 views

Cayin CMS NTP Server 11.0 CVE-2020-7357 - Remote Code Execution

This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cayin CMS NTP Server RCE',...

1.1AI score0.33874EPSS
Exploits8
circl
circl
added 2020/06/18 3:43 p.m.10 views

CVE-2020-7357

creationtimestamp| type| source ---|---|--- 2020-06-18 15:43:56+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/cayincmsntp.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:30+00:00| seen|...

9.9CVSS9.1AI score0.33874EPSS
Exploits8References1
zdt
zdt
added 2020/06/18 12:0 a.m.172 views

Cayin CMS NTP Server 11.0 Remote Code Execution Exploit

This Metasploit module exploits an authenticated remote code execution vulnerability in Cayin CMS versions 11.0 and below. The code execution is executed in the systemservice.cgi file's ntpIp Parameter. The field is limited in size, so repeated requests are made to achieve a larger payload. Cayin...

9.9CVSS9.5AI score0.33874EPSS
Exploits8
packetstorm
packetstorm
added 2020/06/18 12:0 a.m.754 views

Cayin CMS NTP Server 11.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cayin CMS NTP Server RCE', 'Description' = %q This module exploits an authenticated RCE in Cayin CMS MSFLICENSE, 'Author' = 'h00die', msf module...

0.2AI score0.33874EPSS
Exploits8
metasploit
metasploit
added 2020/06/12 2:46 p.m.245 views

Cayin CMS NTP Server RCE

This module exploits an authenticated RCE in Cayin CMS 'Cayin CMS NTP Server RCE', 'Description' = %q This module exploits an authenticated RCE in Cayin CMS MSFLICENSE, 'Author' = 'h00die', msf module 'Gjoko Krstic LiquidWorm '...

9.9CVSS9.4AI score0.33874EPSS
Exploits8
Rows per page
Query Builder