IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', module '0x09AL'...

IPFire ids.cgi OINKCODE Parameter Command Injection (CVE-2017-9757)

A command injection vulnerability exists in the ids.cgi script of IPFire. The vulnerability is due to incorrect handling of the OINKCODE HTTP parameter. A remote authenticated attacker may exploit this vulnerability by sending a crafted request to the vulnerable CGI script...

IPFire proxy.cgi Remote Code Execution Exploit

IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field. This module requires Metasploit: http://metasploit.com/download Current source:...

IPFire proxy.cgi Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', module '0x09AL' discove...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

Command injection

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF...

CVE-2017-9757

IPFire 2.19 contains a remote command injection vulnerability in the ids.cgi script via the OINKCODE parameter. The issue is triggered when the shell mishandles the input, allowing an attacker to execute commands. Exploitation can occur by authenticated users or via CSRF, according to CVE-2017-97...

CVE-2017-9757

IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF. Recent assessments: h00die at March 25, 2020 12:10am UTC reported: Authentication is required,...

IPFire proxy.cgi RCE

IPFire, a free linux based open source firewall distribution, version 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', module '0x09AL' discovery , 'References' = 'CVE', '2017-9757' , 'EDB', '42149' , 'License' = MSFLICENSE...

IPFire Remote Code Execution Vulnerability

IPFire is a free Linux-based firewall. IPFire suffers from a remote code execution vulnerability that could allow an attacker to execute remote commands...

IPFire 2.19 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software :...

IPFire 2.19 Remote Code Execution

Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software : http://downloads.ipfire.org/releases/ipfire-2.x/2.19-core110/ipfire-2.19.x8664-full-core110.iso...

IPFire 2.19 - Remote Code Execution

IPFire 2.19 - Remote Code Execution Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software :...

IPFire 2.19 - Remote Code Execution

Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software : http://downloads.ipfire.org/releases/ipfire-2.x/2.19-core110/ipfire-2.19.x8664-full-core110.iso...

IPFire proxy.cgi Remote Code Execution Vulnerability

IPFire is a free Linux-based firewall. A remote code execution vulnerability exists in IPFire proxy.cgi, which allows an attacker to execute remote commands...

IPFire has multiple vulnerabilities

IPFire is a free Linux-based firewall. Cross-site scripting and remote code execution vulnerabilities exist in versions of IPFire prior to 2.17. An attacker could exploit these vulnerabilities to steal cookie-based authentication or execute arbitrary commands in an affected application...

IPFire - proxy.cgi Remote Code Execution (Metasploit)

Exploit for cgi platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open...

IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', modu...