10 matches found
Metasploit Wrap-Up
Two new Active Directory attacks This week we added a pair of new post-exploitation modules from community contributor timb-machine. Both modules target UNIX machines running SSSD or One Identity's Vintela Authentication Services VAS as Active Directory integration solutions. The new UNIX Gather...
Micro Focus Operations Bridge Reporter Unauthenticated Command Injection Exploit
This Metasploit module exploits a command injection vulnerability on login that affects Micro Focus Operations Bridge Reporter on Linux, versions 10.40 and below. It is a straight up command injection, with little escaping required, and it works before authentication. This module has been tested ...
Micro Focus Operations Bridge Reporter Unauthenticated Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Reporter Unauthenticated Command Injection', 'Description' = %q This module exploits a command injection...
Micro Focus Operations Bridge Reporter Remote Code Execution (CVE-2021-22502)
A remote code execution vulnerability exists in Micro Focus Operations Bridge Reporter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
New Mirai Variant and ZHtrap Botnet Malware Emerge in the Wild
Cybersecurity researchers on Monday disclosed a new wave of ongoing attacks exploiting multiple vulnerabilities to deploy new Mirai variants on internet connected devices. "Upon successful exploitation, the attackers try to download a malicious shell script, which contains further infection...
CVE-2021-22502
creationtimestamp| type| source ---|---|--- 2021-02-09 00:39:10+00:00| seen| https://t.me/cibsecurity/23262 2021-03-17 11:01:15+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2925 2021-04-29 18:16:56+00:00| seen|...
CVE-2021-22502
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter OBR product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server...
CVE-2021-22502
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter OBR product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server...
CVE-2021-22502
Micro Focus Operations Bridge Reporter 10.40 is vulnerable to unauthenticated remote code execution via a login command injection vulnerability. The Nuclei template and Metasploit module describe an unauthenticated path to run arbitrary commands on the OBR server, potentially enabling full system...
CVE-2021-22502
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter OBR product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Valu...