Lucene search
K

13 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.167 views

Cambium CnPilot R200/r201 Login Scanner And Config Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 Login Scanner and Config Dump', 'Description' = % This module scans for Cambium cnPilot r200/r201 management login...

9CVSS7.1AI score0.08133EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.228 views

HTTP Client Automatic Exploiter 2 (Browser Autopwn)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HTTP Client Automatic Exploiter 2 Browser Autopwn", 'Description' = %q This module will automatically serve browser exploits. Here are the option...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/07/31 12:0 a.m.411 views

OpenMediaVault rpc.php Authenticated Cron Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenMediaVault rpc.php Authenticated Cron Remote Code Execution', 'Description' = %q OpenMediaVault allows an authenticated user to create cron...

9CVSS7.4AI score0.56838EPSS
Exploits8
ATTACKERKB
ATTACKERKB
added 2024/05/28 12:0 a.m.133 views

CVE-2024-24919

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. Recent assessments: remmons-r7 at May 30...

8.6CVSS8.9AI score0.99978EPSS
In wildExploits52References4
Positive Technologies
Positive Technologies
added 2021/10/26 12:0 a.m.4 views

PT-2021-23636

ParsedReport CompletenessLow 07-10-2025 Crimson Collective: A New Threat Group Observed Operating in the Cloud https://www.rapid7.com/blog/post/tr-crimson-collective-a-new-threat-group-observed-operating-in-the-cloud Report completeness: Low Actors/Campaigns: Crimson collective Threats: Truffleho...

6.9AI score
Exploits0References4
Metasploit
Metasploit
added 2017/12/18 10:32 p.m.42 views

Cambium cnPilot r200/r201 Login Scanner and Config Dump

This module scans for Cambium cnPilot r200/r201 management login portals, attempts to identify valid credentials, and dump device configuration. The device has at least two 2 users - admin and user. Due to an access control vulnerability, it is possible for 'user' account to access full device...

8.8CVSS0.4AI score0.08133EPSS
Exploits2
Packet Storm
Packet Storm
added 2016/09/24 12:0 a.m.43 views

Metasploit Web UI Static secret_key_base Value

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule NullSerializer @serializer = options:serializer || Marshal end def encryptandsignvalue...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2014/10/28 4:37 a.m.36 views

GNU Wget FTP Symlink Arbitrary Filesystem Access

This module exploits a vulnerability in Wget when used in recursive -r mode with a FTP server as a destination. A symlink is used to allow arbitrary writes to the target's filesystem. To specify content for the file, use the "file:/path" syntax for the TARGETDATA option. Tested successfully with...

9.3CVSS10AI score0.39883EPSS
Exploits4
Metasploit
Metasploit
added 2013/11/07 8:59 p.m.44 views

Supermicro Onboard IPMI close_window.cgi Buffer Overflow

This module exploits a buffer overflow on the Supermicro Onboard IPMI controller web interface. The vulnerability exists on the closewindow.cgi CGI application, and is due to the insecure usage of strcpy. In order to get a session, the module will execute system from libc with an arbitrary CMD...

10CVSS1.1AI score0.71929EPSS
Exploits10
Metasploit
Metasploit
added 2013/11/06 7:45 p.m.78 views

Supermicro Onboard IPMI Static SSL Certificate Scanner

This module checks for a static SSL certificate shipped with Supermicro Onboard IPMI controllers. An attacker with access to the publicly-available firmware can perform man-in-the-middle attacks and offline decryption of communication to the controller. This module has been on a Supermicro Onboar...

8.1CVSS6.3AI score0.09688EPSS
Exploits2
Metasploit
Metasploit
added 2013/10/30 3:25 p.m.34 views

NAS4Free Arbitrary Remote Code Execution

NAS4Free allows an authenticated user to post PHP code to a special HTTP script and have the code executed remotely. This module was successfully tested against NAS4Free version 9.1.0.1.804. Earlier builds are likely to be vulnerable as well. This module requires Metasploit:...

6CVSS0.4AI score0.13729EPSS
Exploits5
Metasploit
Metasploit
added 2013/06/04 1:53 p.m.72 views

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution

This module exploits the MiniUPnP 1.0 SOAP stack buffer overflow vulnerability present in the SOAPAction HTTP header handling. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.0 Stac...

10CVSS0.9AI score0.69151EPSS
Exploits14
Metasploit
Metasploit
added 2013/05/15 2:2 p.m.42 views

Mutiny 5 Arbitrary File Upload

This module exploits a code execution flaw in the Mutiny 5 appliance. The EditDocument servlet provides a file upload function to authenticated users. A directory traversal vulnerability in the same functionality allows for arbitrary file upload, which results in arbitrary code execution with roo...

8.5CVSS7.9AI score0.40338EPSS
Exploits8
Rows per page
Query Builder