6 matches found
CVE-2018-0278
A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attacker could exploit this...
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (CVE-2016-6433)
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability",...
Cisco Firepower Management Console 6.0 Login
This module attempts to authenticate to a Cisco Firepower Management console via HTTPS. The credentials are also used for SSH, which could allow remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
Cisco Firepower Management Console 6.0 Post Authentication UserAdd
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability", 'Description' = %q This module exploits a...
Cisco Firepower Management Console 6.0 Post Authentication UserAdd Exploit
This Metasploit module exploits a vulnerability found in Cisco Firepower Management Console. The management system contains a configuration flaw that allows the www user to execute the useradd binary, which can be abused to create backdoor accounts. Authentication is required to exploit this...
Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability
This module exploits a vulnerability found in Cisco Firepower Management Console. The management system contains a configuration flaw that allows the www user to execute the useradd binary, which can be abused to create backdoor accounts. Authentication is required to exploit this vulnerability...