Net-SNMPd Write Access SNMP-EXTEND-MIB arbitrary code execution (authenticated)

Targets running Net-SNMPd may be vulnerable to remote code execution. If the service user has R/W access and the attacker knows the SNMP community string value, then the attacker can manipulate the target’s SNMP extension MIBs SNMP-EXTEND-MIB to enable and achieve remote code execution on the...

Net-SNMPd Write Access SNMP-EXTEND-MIB arbitrary code execution

This exploit module exploits the SNMP write access configuration ability of SNMP-EXTEND-MIB to configure MIB extensions and lead to remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'snmp'...