Exchange Control Panel Viewstate Deserialization

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'Exchange Control Panel Viewstate Deserialization', 'Description' = %q This module exploits a .NET serialization vulnerability i...

CVE-2020-5404

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...

CVE-2020-5404

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...

Buffer overflow

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...

CVE-2020-5404

CVE-2020-5404 affects Reactor Netty’s HttpClient (versions 0.9.x before 0.9.5 and 0.8.x before 0.8.16). The issue arises when the HttpClient is explicitly configured to follow redirects, which may cause a credentials leak during a redirect to a different domain. Impact is credential leakage; expl...

CVE-2020-5404 Authentication Leak On Redirect With Reactor Netty HttpClient

The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirect...

Cacti 1.2.8 Unauthenticated Remote Code Execution

Exploit Title: Cacti v1.2.8 - Unauthenticated Remote Code Execution Metasploit Date: 2020-02-29 Exploit Author: Lucas Amorim sh286s CVE: CVE-2020-8813 Vendor Homepage: https://cacti.net/ Version: v1.2.8 Tested on: Linux This module requires Metasploit: https://metasploit.com/download Current...

EulerOS 2.0 SP5 : jakarta-commons-httpclient (EulerOS-SA-2020-1109)

According to the version of the jakarta-commons-httpclient package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout...

Huawei EulerOS: Security Advisory for jakarta-commons-httpclient (EulerOS-SA-2020-1109)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple Vulnerabilities identified in IBM StoredIQ

Summary Multiple vulnerabilities in bundled software packages affect IBM StoredIQ. IBM StoredIQ has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2009-0217 DESCRIPTION: The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products...

Security Bulletin: Security Vulnerabilities have been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2012-5783, CVE-2018-1614, CVE-2014-0114, CVE-2015-0899)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about security vulnerabilities affecting Websphere Application Server has been published in security bulletins. Vulnerability Details Please consult the security bulletins: Security Bulletin:...

Security Bulletin: Multiple vulnerabilities in Global Mailbox in IBM Sterling B2B Integrator (CVE-2015-5262, CVE-2014-3577)

Summary IBM Global Mailbox is vulnerable to denial of service attacks and spoofing attacks due to the vulnerabilities in Apache httpClient Vulnerability Details CVEID: CVE-2015-5262 DESCRIPTION: Apache Commons is vulnerable to a denial of service, caused by the failure to apply a configured...

Centreon 19.10.5 - 'Pollers' Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Centreon Poller Authenticated Remote Command Execution', 'Description' = %q TODO , 'Author' = 'Omri Baso', discovery 'Fabien Aunay', discovery...

Huawei EulerOS: Security Advisory for jakarta-commons-httpclient (EulerOS-SA-2019-2397)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for jakarta-commons-httpclient (EulerOS-SA-2019-2027)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tautulli v2.1.9 - Shutdown Denial of Service

Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the /shutdown URL. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service',...

Tautulli 2.1.9 - Denial of Service (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service', 'Description' = 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the...

D-Link DIR-859 Unauthenticated Remote Command Execution

D-Link DIR-859 Routers are vulnerable to OS command injection via the UPnP interface. The vulnerability exists in /gena.cgi function genacgimain in /htdocs/cgibin, which is accessible without credentials. This module requires Metasploit: https://metasploit.com/download Current source:...

OpenNetAdmin Ping Command Injection

This module exploits a command injection in OpenNetAdmin between 8.5.14 and 18.1.1. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenNetAdmin Ping Command Injection', 'Description' = %q This...

EulerOS 2.0 SP2 : jakarta-commons-httpclient (EulerOS-SA-2019-2397)

According to the version of the jakarta-commons-httpclient package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The Hyper-Text Transfer Protocol HTTP is perhaps the most significant protocol used on the Internet today. Web services,...