Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.192 views

Iomega StorCenter Pro NAS Web Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Iomega StorCenter Pro NAS Web Authentication Bypass', 'Description' = %q The Iomega StorCenter Pro Network Attached Storage device web interface...

9.8CVSS7.1AI score0.23195EPSS
Exploits3
CVE
CVE
added 2009/07/08 3:0 p.m.69 views

CVE-2009-2367

The CVE-2009-2367 entry concerns the Iomega StorCenter Pro NAS web interface (cgi-bin/makecgi-pro) generating predictable session IDs. The Connected documents confirm exploitability via brute-force guessing of the session_id parameter to hijack active sessions and gain administrative access. A Me...

9.8CVSS9.4AI score0.23195EPSS
Exploits3References4Affected Software1
Positive Technologies
Positive Technologies
added 2009/07/08 12:0 a.m.8 views

PT-2009-4796 · Iomega · Iomega Storcenter Pro

Name of the Vulnerable Software and Affected Versions: Iomega StorCenter Pro affected versions not specified Description: The issue allows remote attackers to hijack active sessions and gain privileges via brute force guessing attacks on the session id parameter in the "cgi-bin/makecgi-pro"...

9.8CVSS9.3AI score0.23195EPSS
Exploits3References7
Metasploit
Metasploit
added 2009/07/01 3:55 a.m.58 views

Iomega StorCenter Pro NAS Web Authentication Bypass

The Iomega StorCenter Pro Network Attached Storage device web interface increments sessions IDs, allowing for simple brute force attacks to bypass authentication and gain administrative access. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS7.5AI score0.23195EPSS
Exploits3
Rows per page
Query Builder