Peplink Balance Routers SQL Injection

class MetasploitModule 'Peplink Balance routers SQLi', 'Description' = %q Firmware versions up to 7.0.0-build1904 of Peplink Balance routers are affected by an unauthenticated SQL injection vulnerability in the bauth cookie, successful exploitation of the vulnerability allows an attacker to...

CBL Mariner 2.0 Security Update: python-pip / python-urllib3 / python3 (CVE-2023-45803)

The version of python-pip / python-urllib3 / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45803 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 previously...

Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593)

This module exploits an access control issue in Ivanti Virtual Traffic Manager vTM, by adding a new administrative user to the web interface of the application. Affected versions include 22.7R1, 22.6R1, 22.5R1, 22.3R2, 22.3, 22.2. Module Options msf use auxiliary/admin/http/ivantivtmadmin msf...

CBL Mariner 2.0 Security Update: python-urllib3 / python3 (CVE-2023-43804)

The version of python-urllib3 / python3 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-43804 advisory. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cooki...

SPIP 4.2.12 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SPIP Unauthenticated RCE via porteplume Plugin', 'Description' = %q This module exploits a Remote Code Execution vulnerability in SPIP versions u...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-2186)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)

This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow use auxiliary/admin/http/fortrafilecatalystworkflowsqli msf auxiliaryfortrafilecatalystworkflowsqli show actions ...actions... msf auxiliaryfortrafilecatalystworkflowsqli set ACTION msf...

OESA-2024-1980 golang security update

. Security Fixes: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

OESA-2024-1978 golang security update

. Security Fixes: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...

F5 Networks BIG-IP : Python urllib3 vulnerability (K000140711)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000140711 advisory. urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the...

Medium: nodejs

Issue Overview: NOTE: https://nodejs.org/en/blog/vulnerability/april-2024-security-releases/ CVE-2024-27982 Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for fetch, but did not clear them for undici.request. This...

Apache HugeGraph Gremlin RCE

This module exploits CVE-2024-27348 which is a Remote Code Execution RCE vulnerability that exists in Apache HugeGraph Server in versions before 1.3.0. An attacker can bypass the sandbox restrictions and achieve RCE through Gremlin, resulting in complete control over the server Module Options msf...

CVE-2024-42367

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants .gz or .br extension are vulnerable to path traversal outside the root directory if those variants are...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2111)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-2094)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : python-urllib3 (EulerOS-SA-2024-2111)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization...

Fedora: Security Advisory (FEDORA-2024-e0b0ad79b2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AMPLE BILLS 1.0 Administrative Page Disclosure

============================================================================================================================================= | Title : AMPLE BILLS v1.0 Administrative Page Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

mySCADA MyPRO Authenticated Command Injection

class MetasploitModule 'mySCADA MyPRO Authenticated Command Injection CVE-2023-28384', 'Description' = %q Authenticated Command Injection in MyPRO MSFLICENSE, 'Author' = 'Michael Heinzl', Vulnerability discovery & MSF module 'References' = 'URL',...

Apache CXF 3.6.x < 3.6.4, 4.0.x < 4.0.5 DoS

In versions of Apache CXF before 3.6.4 and 4.0.5 3.5.x and lower versions are not impacted, a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected and it is possible that memory consumption will continue to increase, eventually causing the application to run out o...