
88 matches found

Exploit DB
added 2018/03/15 12:00 a.m. · 64 views

Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution

// Exploit Title: RCE in PATCH requests in Spring Data REST // Date: 2018-03-10 // Exploit Author: Antonio Francesco Sardella // Vendor Homepage: https://pivotal.io/ // Software Link: https://projects.spring.io/spring-data-rest/ // Version: Spring Data REST versions prior to 2.6.9 Ingalls SR9,...

9.8 CVSS · 7.6 AI score · 0.72782 EPSS
Exploits: 6

seebug.org
added 2018/03/07 12:00 a.m. · 96 views

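Spring Data REST remote code execution (CVE-2017-8046)

Vulnerability description: Spring Data Rest has a high-severity RCE vulnerability in its handling of PATCH requests. A malicious PATCH request built from hand-crafted JSON data can be submitted to a spring-data-rest server, causing the server to run malicious Java code. The goal of the Spring Data Rest project is to provide a flexible, configurable mechanism for writing simple services that can be exposed over HTTP. Git repository: https://github.com/spring-projects/spring-data-rest Vulnerability source: https://pivotal.io/security/cve-2017-8046 Affected versions: Spring...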

7.5 CVSS · 0.1 AI score · 0.72782 EPSS
Exploits: 6

Positive Technologies
added 2018/01/22 12:00 a.m. · 3 views

PT-2018-17249 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions through v0.9.8.12 Description: The issue concerns an XSS vulnerability via the module value of the "index.php" file. Recommendations: For versions through v0.9.8.12, as a temporary workaround, consider restricting...

6.1 CVSS · 6 AI score · 0.02681 EPSS
Exploits: 3 · References: 3

Veracode
added 2017/09/25 5:55 a.m. · 37 views

Arbitrary Code Execution

spring-data-rest servers are vulnerable to arbitrary code execution attacks. The attacks are possible because the server does not check the path before processing PATCH requests, allowing attackers to submit PATCH requests with malicious JSON data...

9.8 CVSS · 9.6 AI score · 0.72782 EPSS
Exploits: 6 · References: 6 · Affected Software: 5

CNVD
added 2017/09/22 12:00 a.m. · 8 views

Pivotal Spring Data REST Remote Code Execution Vulnerability

Spring Data REST is part of the Spring Data project and enables building hypermedia-driven REST web services on top of the Spring Data repository. A remote code execution vulnerability exists in Pivotal Spring Data REST, which allows an attacker to perform a remote code execution attack by...

9.8 CVSS · 9.6 AI score · 0.72782 EPSS
Exploits: 6 · References: 1

CNVD
added 2017/02/24 12:00 a.m. · 1 views

SonicDICOM PACS Elevation of Privilege Vulnerability

SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. An elevation of privilege vulnerability exists in SonicDICOM. An ordinary user can exploit this vulnerability to gain administrator privileges to elevate privileg...

7.3 AI score
Exploits: 0 · References: 1

Packet Storm
added 2017/02/13 12:00 a.m. · 57 views

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation

SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Desc:...

0.8 AI score
Exploits: 0

OSV
added 2016/02/19 8:40 a.m. · 7 views

MGASA-2016-0080 Updated nodejs packages fix security vulnerability

A request smuggling vulnerability was found in Node.js that can be exploited under certain unspecified circumstances (CVE-2016-2086). It was reported that HTTP header parsing in Node.js is vulnerable to response splitting attacks. While Node.js has been protecting against response splitting attacks...

7.5 CVSS · 7.6 AI score · 0.07013 EPSS
Exploits: 0 · References: 5