Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 4:0 a.m.7 views

CVE-2023-36255

An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...

8.8CVSS7.8AI score0.57359EPSS
Exploits6
packetstorm
packetstorm
added 2025/03/26 12:0 a.m.309 views

Eramba Remote Code Execution

This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...

8.8CVSS8.5AI score0.57359EPSS
Exploits6
metasploit
metasploit
added 2025/03/25 6:53 p.m.418 views

Eramba (up to 3.19.1) Authenticated Remote Code Execution Module

This module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Module Options msf use exploit/linux/http/erambarce msf...

8.8CVSS9.2AI score0.57359EPSS
Exploits6
circl
circl
added 2025/03/25 6:1 p.m.10 views

CVE-2023-36255

creationtimestamp| type| source ---|---|--- 2025-03-25 18:01:43+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/erambarce.rb 2025-03-26 21:02:11+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3llcon64l7r2p 2025-10-23...

8.8CVSS8.6AI score0.57359EPSS
Exploits6References2
attackerkb
attackerkb
added 2023/08/03 2:15 a.m.5 views

CVE-2023-36255

An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...

8.8CVSS7.8AI score0.57359EPSS
Exploits6References6
cve
cve
added 2023/08/03 12:0 a.m.118 views

CVE-2023-36255

Eramba (Eramba GRC) up to version 3.19.1 is affected by an authenticated remote code execution vulnerability that can be triggered via the path parameter in the URL to the download-test-pdf endpoint. Public writeups and PoCs indicate an RCE in Eramba 3.19.1, with exploits and Metasploit modules r...

8.8CVSS8.8AI score0.57359EPSS
Exploits6References3Affected Software1
packetstorm
packetstorm
added 2023/08/01 12:0 a.m.284 views

Eramba 3.19.1 Remote Command Execution

Trovent Security Advisory 2303-01 Authenticated remote code execution in Eramba Overview Advisory ID: TRSA-2303-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2303-01 Affected product: Eramba Affected version: 3.19.1 Enterprise and Community...

7.1AI score0.57359EPSS
Exploits6
Rows per page
Query Builder