Lucene search
+L

8 matches found

Packet Storm
Packet Storm
added 2025/03/12 12:0 a.m.325 views

VICIdial 2.14-917 Remote Command Execution

VICIdial version 2.14-917 proof of concept remote command execution exploit that takes advantage of a flaw originally found in 2024. ============================================================================================================================================= | Title : VICIdial v...

8.8CVSS7.2AI score0.75384EPSS
Exploits7
Rapid7 Blog
Rapid7 Blog
added 2024/10/04 7:53 p.m.37 views

Metasploit Weekly Wrap-Up 10/04/2024

New module content 3 cups-browsed Information Disclosure Authors: bcoles and evilsocket Type: Auxiliary Pull request: 19510 contributed by bcoles Path: scanner/misc/cupsbrowsedinfodisclosure Description: Adds scanner module to retrieve CUPS version and kernel version information from cups-browsed...

9.8CVSS10AI score0.75384EPSS
Exploits10
Metasploit
Metasploit
added 2024/10/01 6:55 p.m.339 views

VICIdial Authenticated Remote Code Execution

An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell commands as the "root" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. Module Options msf use...

9.8CVSS8.9AI score0.80023EPSS
Exploits10
GithubExploit
GithubExploit
added 2024/09/14 6:27 a.m.616 views

Exploit for CVE-2024-8504

⚡️ Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE ⚡️...

9.8CVSS10AI score0.80023EPSS
Exploits12
0day.today
0day.today
added 2024/09/11 12:0 a.m.502 views

VICIdial 2.14-917a Remote Code Execution Vulnerability

An attacker with authenticated access to VICIdial version 2.14-917a as an agent can execute arbitrary shell commands as the root user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. Title: VICIdial Authenticated Remo...

9.8CVSS7.9AI score0.80023EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/09/11 12:0 a.m.847 views

VICIdial 2.14-917a Remote Code Execution

KL-001-2024-012: VICIdial Authenticated Remote Code Execution Title: VICIdial Authenticated Remote Code Execution Advisory ID: KL-001-2024-012 Publication Date: 2024-09-10 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-012.txt 1. Vulnerability Details Affected Vendor:...

9.8CVSS7AI score0.80023EPSS
Exploits12
Circl
Circl
added 2024/09/10 10:37 p.m.12 views

CVE-2024-8504

creationtimestamp| type| source ---|---|--- 2024-09-10 22:37:05+00:00| seen| https://t.me/cvedetector/5298 2024-09-14 06:31:55+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8527 2024-09-15 08:46:36+00:00| seen| https://t.me/proxybar/2264 2024-09-15 09:25:24+00:00|...

8.8CVSS7.3AI score0.75384EPSS
Exploits7References30
KoreLogic Security
KoreLogic Security
added 2024/09/10 12:0 a.m.80 views

VICIdial Authenticated Remote Code Execution

Vulnerability Details Affected Vendor: VICIdial Affected Product: VICIdial Affected Version: 2.14-917a Platform: GNU/Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' CVE ID: CVE-2024-8504 2. Vulnerability Description An...

9.8CVSS9.9AI score0.80023EPSS
Exploits12Affected Software1
Rows per page
Query Builder