14 matches found
Rocket.Chat <=3.13 - NoSQL Injection
Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected...
CVE-2021-22911
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE...
Exploit for Special Element Injection in Rocket.Chat
CVE-2021-22911 If you have already registered...
Exploit for Special Element Injection in Rocket.Chat
CVE-2021-22911 Modifed ver of the original exploit to save som...
Rocket.Chat NoSQL injection (CVE-2021-22911)
A NoSQL injection vulnerability exists in Rocket.Chat. Successful exploitation of this vulnerability could allow attackers to inject commands and execute arbitrary code on the affected system...
Exploit for Special Element Injection in Rocket.Chat
Rocket.Chat Automated Unauthenticated Account Takeover to RCE...
Rocket.Chat 3.12.1远程代码执行(CVE-2021-22911)
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated 2 Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 2 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat Info : This is a...
Rocket.Chat 3.12.1 NoSQL Injection / Code Execution
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated 2 Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 2 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat Info : This is a...
Rocket.Chat 3.12.1 NoSQL Injection / Code Execution
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Date: 06-06-2021 Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python...
Rocket.Chat 3.12.1 - NoSQL Injection to Remote Code Execution (Unauthenticated) Exploit
Title: Rocket.Chat 3.12.1 - NoSQL Injection to RCE Unauthenticated Author: enox Product: Rocket.Chat Vendor: https://rocket.chat/ Vulnerable Versions: Rocket.Chat 3.12.1 CVE: CVE-2021-22911 Credits: https://blog.sonarsource.com/nosql-injections-in-rocket-chat !/usr/bin/python import requests impo...
CVE-2021-22911
creationtimestamp| type| source ---|---|--- 2021-06-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49960 2021-06-07 15:45:27+00:00| published-proof-of-concept| Telegram/tCqBhGf-ONTgPl1jNxk7jSK9BW7FRzVpc1tCk80-PQdj1g 2021-07-07 00:00:00+00:00| exploited|...
Exploit for Special Element Injection in Rocket.Chat
CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remot...
CVE-2021-22911
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE...
CVE-2021-22911
CVE-2021-22911 affects Rocket.Chat 3.11–3.13 and is a NoSQL injection that enables unauthenticated access to an API endpoint, potentially leading to data exposure, modification, or remote code execution. Root cause: NoSQL injection in endpoints such as getPasswordPolicy and users.list, enabling r...