Lucene search
K

9 matches found

Rapid7 Blog
Rapid7 Blog
added 2022/02/04 7:54 p.m.49 views

Metasploit Wrap-Up

Wordpress Exploitation Returns What's life without a little WordPress exploitation? Courtesy of Hacker5preme aka Ron Jost and h00die, we now have an exploit for CVE-2021-24862, a bug in the RestorationMagic WordPress plugin prior to 5.0.1.6 whereby user input was not properly escaped in the...

7.5CVSS0.5AI score0.73293EPSS
Exploits13
Metasploit
Metasploit
added 2022/02/01 5:42 p.m.181 views

Cisco Small Business RV Series Authentication Bypass and Command Injection

This module exploits an authentication bypass CVE-2021-1472 and command injection CVE-2021-1473 in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in the HTTP Authorization field when requests are made to the /upload endpoint. Then the...

9.8CVSS10AI score0.72472EPSS
Exploits8
0day.today
0day.today
added 2022/02/01 12:0 a.m.471 views

Cisco Small Business RV Series Authentication Bypass / Command Injection Exploit

This Metasploit module exploits an authentication bypass CVE-2021-1472 and command injection CVE-2021-1473 in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in the HTTP Authorization field when requests are made to the /upload endpoint. Th...

9.8CVSS0.9AI score0.72472EPSS
Exploits8
Packet Storm
Packet Storm
added 2022/02/01 12:0 a.m.425 views

Cisco Small Business RV Series Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Small Business RV Series Authentication Bypass and Command Injection', 'Description' = %q This module exploits an authentication bypass...

9.8CVSS1.1AI score0.72472EPSS
Exploits8
seebug.org
seebug.org
added 2021/04/21 12:0 a.m.87 views

cisco RV34X系列身份绕过和远程命令执行漏洞(CVE-2021-1472 CVE-2021-1473)

Advisory: Cisco RV34X Series – Authentication Bypass and Remote Command Execution APRIL 13, 2021 TL;DR In early 2021, we reported a few security issues to Cisco related to their RV34X series of routers, two of which have been recently patched. The issues in question were an authentication bypass...

7.5CVSS0.1AI score0.72472EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/04/20 12:0 a.m.551 views

Cisco RV Authentication Bypass / Code Execution

IoT Inspector Research Lab Security Advisory IOT-20210414-0 title: Cisco RV series Authentication Bypass and Remote Command Execution vendor/product: Cisco https://www.cisco.com/ vulnerable version: RV16X/RV26X: 1.0.01.02 & below. RV34X: 1.0.03.20 & below. fixed version: RV16X/RV26X: 1.0.01.03...

7.5CVSS0.5AI score0.72472EPSS
Exploits8
0day.today
0day.today
added 2021/04/20 12:0 a.m.73 views

Cisco RV Authentication Bypass / Code Execution Vulnerability

Cisco RV-series routers suffer from an authentication bypass vulnerability. The RV34X series are also affected by a command injection vulnerability in the sessionid cookie, when requesting the /upload endpoint. A combination of these issues would allow any person who is able to communicate with t...

9.8CVSS1.1AI score0.72472EPSS
Exploits8
Circl
Circl
added 2021/04/15 11:2 a.m.34 views

CVE-2021-1473

creationtimestamp| type| source ---|---|--- 2021-04-15 11:02:09+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3127 2021-05-30 02:19:08+00:00| seen| https://t.me/pwnwikizhchannel/529 2022-02-01 16:55:14+00:00| seen|...

9.8CVSS8.6AI score0.64161EPSS
Exploits7References3
Check Point Advisories
Check Point Advisories
added 2020/06/03 12:0 a.m.90 views

HTTP Headers Remote Code Execution (CVE-2020-10826; CVE-2020-10827; CVE-2020-10828; CVE-2020-13756; CVE-2021-1472; CVE-2021-1473)

HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine...

10CVSS3.8AI score0.72472EPSS
Exploits15
Rows per page
Query Builder