6 matches found
LifeSize UVC 1.2.6 - Authenticated RCE Vulnerabilities
No description provided by source...
LifeSize UVC Authenticated Remote Command Execution
When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user or equivalent. This module requires Metasploit: http//metasploit.com/download Current source:...
LifeSize UVC Authenticated Remote Command Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "LifeSize UVC Authenticated RCE via Ping", 'Description' = %q When authenticated as an administrator on LifeSize UVC 1.2.6, an attacke...
LifeSize UVC Authenticated RCE via Ping
When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user or equivalent. This module requires Metasploit: https://metasploit.com/download Current source:...
LifeSize UVC 1.2.6 - (Authenticated) Remote Code Execution
LifeSize UVC 1.2.6 - Authenticated Remote Code Execution LifeSize UVC 1.2.6 authenticated vulnerabilities RCE as www-data: POST /server-admin/operations/diagnose/ping/ HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept:...
LifeSize UVC 1.2.6 - (Authenticated) Remote Code Execution
LifeSize UVC 1.2.6 authenticated vulnerabilities RCE as www-data: POST /server-admin/operations/diagnose/ping/ HTTP/1.1 Host: 172.31.16.99 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:26.0 Gecko/20100101 Firefox/26.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8...