📄 Cisco Catalyst SD-WAN Controller Authentication Bypass / Arbitrary WAR Upload

A critical security vulnerability chain was identified involving an authentication bypass through exposed configuration data, followed by an arbitrary file upload via path traversal. Successful exploitation may allow an attacker to deploy a malicious WAR archive into the application server's...

EUVD-2022-5534

Malicious code in bioql PyPI...

PT-2023-6781

Name of the Vulnerable Software and Affected Versions SysAid On-Premise versions prior to 23.3.36 Description A path traversal vulnerability in SysAid On-Premise software leads to code execution after an attacker writes a file to the Tomcat webroot. This issue has been exploited in the wild, with...

wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)

It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution...

Code injection

An issue was discovered in Skybox Platform before 7.5.201. Remote Unauthenticated Code Execution exists via a WAR archive containing a JSP file. The WAR file is sent to /skyboxview-softwareupdate/services/CollectorSoftwareUpdate and the JSP file is reached at...

CVE-2015-9246

CVE-2015-9246 affects Skybox Platform; remote unauthenticated code execution via a WAR containing a JSP is possible. The WAR is delivered to /skyboxview-softwareupdate/services/CollectorSoftwareUpdate and the JSP executes at /opt/skyboxview/thirdparty/jboss/server/web/work/jboss.web/localhost. Af...

Apache Tomcat Manager Application Deployer Authenticated Code Execution

No description provided by source. $Id: tomcatmgrdeploy.rb 11330 2010-12-14 17:26:44Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Apache Tomcat Manager - Application Upload (Authenticated) Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Apache.Coyote|Tomcat/ CSRFVAR = 'CSRFNONCE=' include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo =...

Apache Tomcat Manager Code Execution Exploit

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets var...

Apache Tomcat Manager Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Apache.Coyote|Tomcat/ CSRFVAR = 'CSRFNONCE=' include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo =...

Apache Tomcat Manager Application Deployer Authenticated Code Execution

This module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is no...

Oracle GlassFish Server - REST Cross-Site Request Forgery

Details Vendor Site: Oracle www.oracle.com Date: April, 19th 2012 – CVE 2012-0550 Affected Software: Oracle GlassFish Server 3.1.1 build 12 Researcher: Roberto Suggi Liverani PDF version: http://www.security-assessment.com/files/documents/advisory/OracleGlassFishServerRESTCSRF.pdf Description...

Apache Tomcat Manager - Application Deployer (Authenticated) Code Execution (Metasploit)

$Id: tomcatmgrdeploy.rb 11330 2010-12-14 17:26:44Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

JBoss JMX - Console Deployer Upload and Execute (Metasploit)

$Id: jbossmaindeployer.rb 10754 2010-10-19 22:24:33Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Apache Tomcat Manager Application Deployer Upload and Execute

$Id: tomcatmgrdeploy.rb 8552 2010-02-18 18:18:43Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...