Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:35 a.m.9 views

CVE-2024-45256

An arbitrary file write issue in the exfiltration endpoint in BYOB Build Your Own Botnet 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in fileadd in api/files/routes.py...

9.8CVSS9.6AI score0.05635EPSS
Exploits3References1
0day.today
0day.today
added 2024/10/22 12:0 a.m.592 views

BYOB Unauthenticated Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities in the BYOB Build Your Own Botnet web GUI. It leverages an unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. It also uses an authenticated command injection in the payload generation...

9.8CVSS7.8AI score0.05635EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/10/16 12:0 a.m.527 views

BYOB Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'sqlite3' class MetasploitModule 'BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection CVE-2024-45256, CVE-2024-45257', 'Description' = %q Thi...

9.8CVSS7.4AI score0.05635EPSS
Exploits3
Metasploit
Metasploit
added 2024/10/15 6:54 p.m.396 views

BYOB Unauthenticated RCE via Arbitrary File Write and Command Injection (CVE-2024-45256, CVE-2024-45257)

This module exploits two vulnerabilities in the BYOB Build Your Own Botnet web GUI: 1. CVE-2024-45256: Unauthenticated arbitrary file write that allows modification of the SQLite database, adding a new admin user. 2. CVE-2024-45257: Authenticated command injection in the payload generation page...

9.8CVSS8.8AI score0.05635EPSS
Exploits3
Circl
Circl
added 2024/08/26 9:31 a.m.11 views

CVE-2024-45256

creationtimestamp| type| source ---|---|--- 2024-08-26 09:31:40+00:00| seen| https://t.me/cvedetector/4103 2024-10-15 15:35:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/byobunauthrce.rb 2025-02-06 03:13:46+00:00| seen|...

9.8CVSS7.3AI score0.05635EPSS
Exploits3References3
Rows per page
Query Builder