GroundWork - 'monarch_scan.cgi' OS Command Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

GroundWork monarch_scan.cgi OS Command Injection

This module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in the monarchscan.cgi where user controlled input is used in the perl qx function. This allows any remote authenticated attacker, regardle...

SAP ConfigServlet Remote Code Execution

This module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. This module has been tested successfully with SAP NetWeaver 7.00 and 7.01 on Windows Server 2008 R2. This module requires Metasploit: https://metasploit.com/download...

GroundWork monarch_scan.cgi OS Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

D-Link DIR-615 / DIR-300 XSS / CSRF / Command Injection / Insecure Crypto

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

DLink DIR-615 Hardware rev D3 / DIR-300 - Hardware rev A - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

D-Link DIR-615 Rev D3 / DIR-300 Rev A - Multiple Vulnerabilities

Device Name: DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A Vendor: D-Link ============ Device Description: ============ DIR-300: http://www.dlink.com/de/de/home-solutions/connect/routers/dir-300-wirele... DIR-615:...

[ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services

ESNC-2013-003 Remote OS Command Execution in SAP BASIS Communication Services Please refer to www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...

SAP ConfigServlet OS Command Execution

Exploit for multiple platform in category remote exploits require 'msf/core' class Metasploit3 'SAP ConfigServlet OS command execution', 'Description' = %q This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. , 'Author' = 'Dmitry...

SAP ConfigServlet - OS Command Execution (Metasploit)

SAP ConfigServlet - OS Command Execution Metasploit require 'msf/core' class Metasploit3 'SAP ConfigServlet OS Command Execution', 'Description' = %q This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. , 'Author' = 'Dmitry Chastuhin'...

SAP ConfigServlet - OS Command Execution (Metasploit)

require 'msf/core' class Metasploit3 'SAP ConfigServlet OS Command Execution', 'Description' = %q This module allows execution of operating system commands through the SAP ConfigServlet without any authentication. , 'Author' = 'Dmitry Chastuhin', Vulnerability discovery based on the reference...

Sosci Survey 2.x Bypass / XSS / Command Execution

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities in Sosci Survey product: Sosci Survey vulnerable version: 2.3.04a fixed version: 2.3.04a impact: Critical homepage: https://www.soscisurvey.de...

DLink DIR-645 / DIR-815 Command Execution Vulnerability

Exploit for hardware platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core...

DLink DIR-645 / DIR-815 diagnostic.php Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'DLink DIR-645 / DIR-815 diagnostic.ph...

Linksys WRT54GL apply.cgi Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Linksys WRT54GL apply.cgi Command...

Linksys WRT54GL - 'apply.cgi' Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Linksys WRT54GL apply.cgi Command...

Linksys WRT54GL apply.cgi Command Execution

Exploit for hardware platform in category remote exploits require 'msf/core' class Metasploit3 'Linksys WRT54GL apply.cgi Command Execution', 'Description' = %q Some Linksys Routers are vulnerable to an authenticated OS command injection in the Web Interface. Default credentials are admin/admin o...

Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities

Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed...

Netgear DGN1000B - 'setup.cgi' Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Netgear DGN1000B setup.cgi Remote...

Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number: CVE-2013-2641,...