9 matches found
Supermicro Onboard IPMI Static SSL Certificate Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Supermicro Onboard IPMI Static SSL Certificate Scanner', 'Description' = %q This module checks for a static SSL certificate shipped with Supermic...
Supermicro Onboard IPMI Port 49152 Sensitive File Exposure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Supermicro Onboard IPMI Port 49152 Sensitive File Exposure', 'Description' = %q This module abuses a file exposure vulnerability...
Portable UPnP SDK unique_service_name() Remote Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Supermicro Onboard IPMI close_window.cgi Buffer Overflow
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initializeinfo...
Supermicro Onboard IPMI - 'close_window.cgi' Remote Buffer Overflow (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Supermicro Onboard IPMI closewindow.cgi Buffer Overflow', 'Description' = %q This module exploits a buffer overflow on the Supermicro...
Supermicro Onboard IPMI url_redirect.cgi Authenticated Directory Traversal
This module abuses a directory traversal vulnerability in the urlredirect.cgi application accessible through the web interface of Supermicro Onboard IPMI controllers. The vulnerability is present due to a lack of sanitization of the urlname parameter. This allows an attacker with a valid, but not...
Supermicro Onboard IPMI Static SSL Certificate Scanner
This module checks for a static SSL certificate shipped with Supermicro Onboard IPMI controllers. An attacker with access to the publicly-available firmware can perform man-in-the-middle attacks and offline decryption of communication to the controller. This module has been on a Supermicro Onboar...
Portable UPnP SDK unique_service_name() Remote Code Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Portable UPnP SDK uniqueservicename...
Portable UPnP SDK unique_service_name() Remote Code Execution
This Metasploit module exploits a buffer overflow in the uniqueservicename function of libupnp's SSDP processor. The libupnp library is used across thousands of devices and is referred to as the Intel SDK for UPnP Devices or the Portable SDK for UPnP Devices. Due to size limitations on many...