Lucene search
K

6 matches found

Metasploit
Metasploit
added 2021/06/18 5:42 p.m.90 views

Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE (CVE-2021-1499)

This module exploits an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform's /upload endpoint to upload and execute a payload as the Tomcat user. Module Options msf use exploit/linux/http/ciscohyperflexfileuploadrce msf exploitciscohyperflexfileuploadrce show targets...

5.3CVSS5.6AI score0.80426EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/06/17 12:0 a.m.315 views

Cisco HyperFlex HX Data Platform File Upload / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco HyperFlex HX Data Platform unauthenticated file upload to RCE CVE-2021-1499', 'Description' = %q This module exploits an unauthenticated fi...

5CVSS0.3AI score0.80426EPSS
Exploits5
0day.today
0day.today
added 2021/06/17 12:0 a.m.76 views

Cisco HyperFlex HX Data Platform File Upload / Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform's /upload endpoint to upload and execute a payload as the Tomcat user. This module requires Metasploit: https://metasploit.com/download Current source:...

5.3CVSS0.2AI score0.80426EPSS
Exploits5
seebug.org
seebug.org
added 2021/05/20 12:0 a.m.76 views

Cisco HyperFlex HX 未授权文件上传漏洞(CVE-2021-1499 )

Technical Analysis CVE-2021-1499 Arbitrary file upload RCE implied in the /upload endpoint. Patch --- unpatched/springpath.conf 2021-05-17 19:06:17.000000000 -0500 +++ patched/springpath.conf 2021-05-17 19:06:23.000000000 -0500 @@ -36,14 +36,7 @@ include uwsgiparams; - location /crossdomain.xml -...

5CVSS5.5AI score0.80426EPSS
Exploits5
Circl
Circl
added 2021/05/06 1:51 p.m.21 views

CVE-2021-1499

creationtimestamp| type| source ---|---|--- 2021-05-06 13:51:34+00:00| seen| https://t.me/ptswarm/34 2021-06-17 17:48:07+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscohyperflexfileuploadrce.rb 2021-06-20 01:57:48+00:00| seen|...

5.3CVSS6AI score0.80426EPSS
Exploits5References5
CVE
CVE
added 2021/05/06 12:41 p.m.114 views

CVE-2021-1499

Cisco HyperFlex HX Data Platform is affected by an unauthenticated arbitrary file upload vulnerability in the web-based management interface. The issue arises from missing authentication on the /upload endpoint, allowing an attacker to upload files with the permissions of the Tomcat user (tomcat8...

5.3CVSS5.3AI score0.80426EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder