Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2021/06/20 12:0 a.m.13 views

Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)

A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...

10CVSS2.5AI score0.99999EPSS
Exploits6
Rapid7 Blog
Rapid7 Blog
added 2021/06/11 7:51 p.m.92 views

Metasploit Wrap-Up

NSClient++ Community contributor Yann Castel has contributed an exploit module for NSClient++ which targets an authenticated command execution vulnerability. Users that are able to authenticate to the service as admin can leverage the external scripts feature to execute commands with SYSTEM level...

10CVSS0.6AI score0.99999EPSS
Exploits6
Metasploit
Metasploit
added 2021/06/04 5:42 p.m.122 views

Cisco HyperFlex HX Data Platform Command Execution

This module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform's /storfs-asup endpoint to execute shell commands as the Tomcat user. Module Options msf use exploit/linux/http/ciscohyperflexhxdataplatformcmdexec msf exploitciscohyperflexhxdataplatformcmdexec show...

10CVSS9.9AI score0.99999EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2021/05/13 12:0 a.m.127 views

Cisco HyperFlex HX Command Injection Vulnerabilities (cisco-sa-hyperflex-rce-TjjNrkpR)

The version of Cisco HyperFlex HX installed on the remote host is affected by multiple command injection vulnerabilities. An unauthenticated, remote attacker can exploit these to execute arbitrary commands on an affected system. Note that Nessus has not tested for this issue but has instead relie...

10CVSS9.2AI score0.99999EPSS
Exploits6References6
Circl
Circl
added 2021/05/06 1:51 p.m.25 views

CVE-2021-1498

creationtimestamp| type| source ---|---|--- 2021-05-06 13:51:34+00:00| seen| https://t.me/ptswarm/34 2021-05-17 17:03:48+00:00| seen| https://t.me/reconshell/709 2021-06-03 21:31:54+00:00| seen|...

9.8CVSS7.4AI score0.99999EPSS
Exploits5References9
Vulnrichment
Vulnrichment
added 2021/05/06 12:41 p.m.19 views

CVE-2021-1498 Cisco HyperFlex HX Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

9.8CVSS7.4AI score0.99999EPSS
Exploits5References2
The Hacker News
The Hacker News
added 2021/05/06 12:30 p.m.115 views

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In ...

10CVSS2.3AI score0.99999EPSS
Exploits6
Rows per page
Query Builder