7 matches found
CVE-2023-36255
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...
Eramba Remote Code Execution
This Metasploit module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Versions up to 3.19.1 are affected. This...
Eramba (up to 3.19.1) Authenticated Remote Code Execution Module
This module exploits a remote code execution vulnerability in Eramba. An authenticated user can execute arbitrary commands on the server by exploiting the path parameter in the download-test-pdf endpoint. Eramba debug mode has to be enabled. Module Options msf use exploit/linux/http/erambarce msf...
CVE-2023-36255
creationtimestamp| type| source ---|---|--- 2025-03-25 18:01:43+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/erambarce.rb 2025-03-26 21:02:11+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3llcon64l7r2p 2025-10-23...
CVE-2023-36255
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL...
CVE-2023-36255
Eramba (Eramba GRC) up to version 3.19.1 is affected by an authenticated remote code execution vulnerability that can be triggered via the path parameter in the URL to the download-test-pdf endpoint. Public writeups and PoCs indicate an RCE in Eramba 3.19.1, with exploits and Metasploit modules r...
Eramba 3.19.1 Remote Command Execution
Trovent Security Advisory 2303-01 Authenticated remote code execution in Eramba Overview Advisory ID: TRSA-2303-01 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2303-01 Affected product: Eramba Affected version: 3.19.1 Enterprise and Community...