This Metasploit module exploits a vulnerability found in Mako Server version 2.5. It’s possible to inject arbitrary OS commands in the Mako Server tutorial page through a PUT request to save.lsp. Attacker input will be saved on the victims machine and can be executed by sending a GET request to manage.lsp. Source: Mako Server 2.5 […]
The post Mako Server 2.5 Command Injection appeared first on MondoUnix.
This Metasploit module exploits an arbitrary command execution vulnerability in tnftp’s handling of the resolved output filename – called “savefile” in the source – from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component of the requested resource. If the output filename […]
The post tnftp “savefile” Arbitrary Command Execution appeared first on MondoUnix.
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target…
The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prompt without authentication. Versions prior to 3.0.4 contain OS command injection […]
The post Polycom Command Shell Authorization Bypass appeared first on MondoUnix.
Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.
Source: Shadowsocks-libev 3.1.0 Command Execution
The post Shadowsocks-libev 3.1.0 Command Execution appeared first on MondoUnix.
Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 […]
The post Shadowsocks Log Manipulation / Command Execution appeared first on MondoUnix.
Netgear ReadyNAS Surveillance version 1.4.3-16 suffers from a remote command execution vulnerability.
Source: Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution
The post Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution appea…
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations and it allows for OS command injection. Versions before before 2.14.2, 2.1…
This Metasploit module uses the “evaluate” request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration. Source: NodeJS Debugger Command Injection
The post NodeJS Debugger Command Injection appeared first on MondoUnix.
Mongoose Web Server version 6.5 suffers from cross site request forgery and remote command execution vulnerabilities.
Source: Mongoose Web Server 6.5 CSRF / Command Execution
The post Mongoose Web Server 6.5 CSRF / Command Execution appeared first on M…
