Bihu's uRouter Wireless Router Has Multiple Vulnerabilities

Bihu uRouter Wireless Router is an enterprise-grade intelligent routing product manufactured and marketed by Bihu Technology in China. Multiple vulnerabilities exist in the Bihu uRouter. An unauthenticated attacker can bypass the system authentication mechanism by providing a random SID cookie...

Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution

i? Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution Vendor: Iris ID, Inc. Product web page: http://www.irisid.com http://www.irisid.com/productssolutions/hardwareproducts/icu-7000-2/ Affected version: ICU Software: 1.00.08 ICU OS: 1.3.8 ICU File system: 1.3.8 EIF Firmware Channel 1: 1....

F5 iControl - 'iCall::Script' Root Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit3 "http://schemas.xmlsoap.org/soap/encoding/" STRINGATTRS = 'xsi:type' = 'urn:Common.StringSequence',...

RSA Web Threat Detection Elevation of Privilege Vulnerability

RSA Web Threat Detection is a big data and security analytics solution. A security vulnerability exists in RSA Web Threat Detection that could be exploited by a local attacker to inject special commands into a configuration file to execute arbitrary system commands with ROOT privileges...

Watchguard XCS FixCorruptMail Local Privilege Escalation

This module exploits a vulnerability in the Watchguard XCS 'FixCorruptMail' script called by root's crontab which can be exploited to run a command as root within 3 minutes. This module requires Metasploit: https://metasploit.com/download Current source:...

Red Hat OpenShift Enterprise Arbitrary Command Execution Vulnerability

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications.OpenShift Enterprise is an open source version of the private cloud. A security vulnerability exists in Red Hat OpenShift Enterprise version 3.0.0.0 tha...

abrt: default abrt event scripts lead to information disclosure

It was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. The fix for this issue prevents non-privileged use...

OP5 5.3.5/5.4.0/5.4.2/5.5.0/5.5.1 - 'license.php' Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'OP5 license.php Remote Command Execution', 'Description' = %q This module exploits an arbitrary root command execution...

Multiple Command Execution Vulnerabilities in AlienVault OSSIM and USM

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM and USM web UI allows users to automate the deployment of OSSEC agents to windows hosts, Failure to filter correctly when providing usernames and passwords can...

OP5 5.3.5/5.4.0/5.4.2/5.5.0/5.5.1 - 'welcome' Remote Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'OP5 welcome Remote Command Execution', 'Description' = %q This module exploits an arbitrary root command execution vulnerabilit...

Alcasar 2.8 Remote Root Command Execution

!/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8 Remote Root Code Execution Vulnerability Author: eF Date : 2014-02-10 db 88 ,ad8888ba, db ad88888ba db 88888888ba d88b 88 d8"' "8b d88b d8" "8b d88b 88 "8b d8'8b 88 d8' d8'8b Y8, d8'8b 88 ,8P d8' 8b 88 88 d8' 8b Y8aaaaa, d8' 8b 88aaaaaa8P'...

DD-WRT v24-sp1 - (CSRF) Cross Site Reference Forgery Exploit

No description provided by source. Remote root dd-wrt -------------------------------------------------------------------------------- Written by Michael Brooks Special thanks to str0ke Exploits tested on the newist stable version: Firmware: DD-WRT v24-sp1 07/27/08 micro Product Homepage:...

Ubiquiti AirOS <= 5.5.2 - Remote POST-Auth Root Command Execution

No description provided by source. !/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Ubiquiti AirOS = 5.5.2 Remote POST-Auth Root Command Execution Date : 12-28-2012 Author : xistence...

Halloween Linux 4.0,RedHat Linux 6.1/6.2 imwheel Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string...

ACTi ASOC 2200 Web Configurator <= 2.6 - Remote Root Command Execution

No description provided by source. !perl ACTi ASOC 2200 Web Configurator = v2.6 Remote Root Command Execution Dicovery & Author: Todor Donev Author mail: todor.donev@@gmail.com Type: Hardware Vuln Type and Risk: Remote / High ACTi Corporation is the technology leader in IP surveillance, focusing ...

MGASA-2013-0327 Updated torque packages fix CVE-2013-4495

Updated torque packages fix security vulnerability: A user could submit executable shell commands on the tail of what is passed with the -M switch for qsub. This was later passed to a pipe, making it possible for these commands to be executed as root on the pbsserver CVE-2013-4495...

Sun SPARC Enterprise T5120 and T5220 Default Configuration Root Command Execution

The remote Sun SPARC Enterprise Server has been mistakenly shipped with factory settings in the pre-installed Solaris 10 image which configures the remote SSH server insecurely. As a result, local or remote users may leverage these misconfigurations to execute arbitrary commands with the privileg...

Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution

Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...

Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution

!/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Ubiquiti AirOS 0x90.nl Software link : http://www.ubnt.com/eula/?BACK=/downloads/XM-v5.5.2.build14175.bin Vendor site :...

SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)

The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters e.g. umlauts. Affected passwords are potentially faster to crack via brute-force methods. CVE-2011-2483 SUSE's crypt implementation supports the blowfish password hashing...