44 matches found
Kramer VIAware Remote Code Execution
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Date: 31/03/2022 Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys,...
Kramer VIAware - Remote Code Execution Exploit
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys, urllib3 from request...
Kramer VIAware - Remote Code Execution (RCE) (Root)
Exploit Title: Remote Code Execution as Root on KRAMER VIAware Date: 31/03/2022 Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys,...
Kramer VIAware 2.5.0719.1034 - Remote Code Execution Exploit
Exploit Title: Kramer VIAware 2.5.0719.1034 - Remote Code Execution RCE Exploit Author: sharkmoos & BallO Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: 2.5.0719.1034 Tested on: ViaWare Go Windows 10 CVE : CVE-2019-17124 import...
Kramer VIAware 2.5.0719.1034 Remote Code Execution
Exploit Title: Kramer VIAware 2.5.0719.1034 - Remote Code Execution RCE Date: 28/03/2022 Exploit Author: sharkmoos & BallO Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: 2.5.0719.1034 Tested on: ViaWare Go Windows 10 CVE :...
Kramer VIAware 2.5.0719.1034 - Remote Code Execution (RCE)
Exploit Title: Kramer VIAware 2.5.0719.1034 - Remote Code Execution RCE Date: 28/03/2022 Exploit Author: sharkmoos & BallO Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: 2.5.0719.1034 Tested on: ViaWare Go Windows 10 CVE :...
CVE-2021-36356
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames even though browseSystemFiles.php is no longer reachable via the GUI. NOTE: this issue exists because of an incomplete fix for...
CVE-2021-36356
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames even though browseSystemFiles.php is no longer reachable via the GUI. NOTE: this issue exists because of an incomplete fix for...
Information disclosure
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames even though browseSystemFiles.php is no longer reachable via the GUI. NOTE: this issue exists because of an incomplete fix for...
CVE-2021-36356
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames even though browseSystemFiles.php is no longer reachable via the GUI. NOTE: this issue exists because of an incomplete fix for...
CVE-2021-36356
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames even though browseSystemFiles.php is no longer reachable via the GUI. NOTE: this issue exists because of an incomplete fix for...
CVE-2021-36356
KRAMER VIAware (through Aug 2021) is vulnerable to remote code execution via ajaxPages/writeBrowseFilePathAjax.php which accepts arbitrary executable pathnames, enabling unauthenticated attackers to upload and execute code. The issue stems from an incomplete fix for CVE-2019-17124. Reports in CVE...
Kramer Electronics VIAware 代码问题漏洞
Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics Israel. A code issue exists in Kramer Electronics VIAware that allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable...
Unspecified Vulnerability in VIAware
Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics, Israel. A security vulnerability exists in all tested versions of KramerAV VIAWare, which can be exploited by an attacker to elevate privileges via misconfigured sudo...
VIAware 安全漏洞
Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics, Israel. A security vulnerability exists in all tested versions of KramerAV VIAWare, which can be exploited by an attacker to elevate privileges via misconfigured sudo...
CVE-2019-17124
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control...
CVE-2019-17124
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control...
Improper access control
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control...
CVE-2019-17124
Kramer VIAware 2.5.0719.1034 has Incorrect Access Control...
CVE-2019-17124
CVE-2019-17124 affects Kramer VIAware; multiple connected sources (Red Hat CVE-2021-36356, CVE lists) indicate the issue persists via an incomplete fix and allows remote code execution through ajaxPages/writeBrowseFilePathAjax.php by accepting arbitrary pathnames. The advisory notes this is an af...