Lucene search
K

10 matches found

Nuclei
Nuclei
added yesterday169 views

EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution

EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...

9.8CVSS7.4AI score0.91874EPSS
Exploits13References5
RedhatCVE
RedhatCVE
added 2025/05/22 4:52 p.m.11 views

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

9.8CVSS6.7AI score0.91874EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2022/07/27 12:0 a.m.33 views

Eyes of Network API Insufficient Credential Protection (CVE-2020-8657)

Binary data eonapicve-2020-8657.nbin...

9.8CVSS9.5AI score0.91874EPSS
Exploits4References2
Exploit DB
Exploit DB
added 2020/03/05 12:0 a.m.129 views

EyesOfNetwork - AutoDiscovery Target Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EyesOfNetwork AutoDiscovery Target Command Execution', 'Description' = %q This module exploits multiple vulnerabilities in EyesOfNetwork version...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/03/03 12:0 a.m.98 views

EyesOfNetwork AutoDiscovery Target Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EyesOfNetwork AutoDiscovery Target Command Execution', 'Description' = %q This module exploits multiple vulnerabilities in EyesOfNetwork version...

9.3CVSS0.5AI score0.91874EPSS
Exploits12
Circl
Circl
added 2020/03/02 9:31 p.m.9 views

CVE-2020-8657

creationtimestamp| type| source ---|---|--- 2020-03-02 21:31:51+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetworkautodiscoveryrce.rb 2020-03-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48169 2021-11-08...

9.8CVSS7.3AI score0.91874EPSS
Exploits4References8
OpenVAS
OpenVAS
added 2020/02/11 12:0 a.m.135 views

Eyes Of Network (EON) <= 2.4.2 Multiple API Vulnerabilities

Eyes Of Network EON is prone to multiple vulnerabilities over the API. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.4AI score0.91874EPSS
Exploits9References5
OSV
OSV
added 2020/02/06 6:15 p.m.24 views

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

9.8CVSS6.7AI score0.91874EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2020/02/06 5:48 p.m.8 views

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

9.4AI score0.91874EPSS
Exploits4References2
CVE
CVE
added 2020/02/06 5:48 p.m.1088 views

CVE-2020-8657

Incident summary (CVE-2020-8657): EyesOfNetwork 5.3 is affected by a hardcoded API key vulnerability. The default API key (EONAPI_KEY) is stored in include/api_functions.php for API version 2.4.2, enabling an attacker to calculate/guess the admin access token and potentially gain administrative a...

9.8CVSS9.2AI score0.91874EPSS
In wildExploits4References3Affected Software1
Rows per page
Query Builder