13 matches found
Metasploit Wrap-Up 05/16/2025
New modules for everyone This week’s release is packed with new module content. We have RCE modules for Car Rental System 1.0, Wordpress plugins SureTriggers, User Registration and Membership. We also have a persistence module for LINQPad software and an auxiliary module for POWERCOM UPSMON PRO. ...
CVE-2022-38122 POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information
UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...
CVE-2022-38122 POWERCOM CO., LTD. UPSMON PRO - Cleartext Transmission of Sensitive Information
UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data...
CVE-2022-38121 POWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected Credentials
UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file...
CVE-2022-38121 POWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected Credentials
UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators' account names and passwords via this unprotected configuration file...
CVE-2022-38120 POWERCOM CO., LTD. UPSMON PRO - Path Traversal
UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...
CVE-2022-38120 POWERCOM CO., LTD. UPSMON PRO - Path Traversal
UPSMON PRO’s has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication and access arbitrary system files...
CVE-2022-38119 POWERCOM CO., LTD. UPSMON PRO - Broken Authentication
UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service...
CVE-2022-38119 POWERCOM CO., LTD. UPSMON PRO - Broken Authentication
UPSMON Pro login function has insufficient authentication. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and get administrator privilege to access, control system or disrupt service...
Powercom UPSMON PRO 授权问题漏洞
Powercom UPSMON PRO is a multi-platform client-server software from Powercom that allows remote monitoring and control of a UPS via SNMP, HTTP and UDP. An authorization issue vulnerability exists in Powercom UPSMON PRO v2.57, which arises from insufficient authentication of the login function and...
Powercom UPSMON PRO 路径遍历漏洞
Powercom UPSMON PRO is a multi-platform client-server software from Powercom that allows remote monitoring and control of UPS via SNMP, HTTP and UDP. A path traversal vulnerability exists in Powercom UPSMON PRO version v2.57, which stems from a path traversal issue that can be exploited by a remo...
Powercom UPSMON PRO 安全漏洞
Powercom UPSMON PRO is a multi-platform client-server software from Powercom that allows remote monitoring and control of a UPS via SNMP, HTTP and UDP. A security vulnerability exists in Powercom UPSMON PRO, which arises from the explicit transmission of sensitive data over the HTTP protocol that...
Powercom UPSMON PRO 安全漏洞
Powercom UPSMON PRO is a multi-platform client-server software from Powercom that allows remote monitoring and control of UPS via SNMP, HTTP and UDP. A security vulnerability exists in Powercom UPSMON PRO, which is caused by a configuration file that stores user passwords in clear text in the...