10 matches found
FortiLogger Arbitrary File Upload (CVE-2021-3378)
An arbitrary file upload vulnerability exists in FortiLogger. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FortiLogger Arbitrary File Upload Exploit
This module exploits an unauthenticated arbitrary file upload via insecure POST request. It has been tested on versions use exploit/windows/http/fortiloggerarbitraryfileupload msf exploitfortiloggerarbitraryfileupload show targets ...targets... msf exploitfortiloggerarbitraryfileupload set TARGET...
FortiLogger Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
FortiLogger 4.4.2.2 Arbitrary File Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiLogger Arbitrary File Upload Exploit', 'Description' = %q This module exploits an unauthenticated arbitrary file upload via insecure POST...
CVE-2021-3378
creationtimestamp| type| source ---|---|--- 2021-02-02 02:25:17+00:00| seen| https://t.me/cibsecurity/22933 2021-03-01 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/49600 2021-03-24 22:48:24+00:00| seen|...
CVE-2021-3378
FortiLogger 4.4.2.2 is affected by an Arbitrary File Upload vulnerability. Attackers can trigger it by sending a Content-Type: image/png header to Config/SaveUploadedHotspotLogoFile, then access Assets/temp/hotspot/img/logohotspot.asp. The issue enables unauthenticated arbitrary file upload with ...
CVE-2021-3378
FortiLogger 4.4.2.2 is affected by Arbitrary File Upload by sending a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then visiting Assets/temp/hotspot/img/logohotspot.asp...
Exploit for Unrestricted Upload of File with Dangerous Type in Fortilogger
CVE-2021-3378 | FortiLogger - Unauthenticated Arbitrary File...