This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most likely vulnerable if the (non-default) SSL option is turned off. By sending a specially crafted packet, an attacker can execute commands remotely. The service is […]
The post HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution appeared first on MondoUnix.
This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT … into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave […]
The post Oracle MySQL UDF Payload Execution appeared first on MondoUnix.
Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on PAN-OS versions 6.1.18 and earlier, PAN-OS versions 7.0.18 and earlier, PAN-OS versions 7.1.13 and earlier, and…
Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl.
Source: Polycom Shell HDX Series Traceroute Command Execution
This Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
Source: Microsoft Office Equation Editor Code Execution
The post Microsoft Office Equation Ed…
Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.
Source: Synology StorageManager 5.2 Remote Command Execution
The post Synology StorageManager 5.2 Remote Command Execution appeared first on Mo…
pfSense versions 2.3.1_1 and below contain a remote command execution vulnerability post authentication in the system_groupmanager.php page.
Source: pfSense 2.3.1_1 Remote Command Execution
The post pfSense 2.3.1_1 Remote Command Execution appeared fir…
This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except an additional SpecialFolderDataBlock is included. The folder ID set in this SpecialFolderDataBlock is set to the […]
The post Microsoft Windows LNK File Code Execution appeared first on MondoUnix.
This Metasploit module exploits an arbitrary command execution vulnerability in tnftp’s handling of the resolved output filename – called “savefile” in the source – from a requested resource. If tnftp is executed without the -o command-line option, it will resolve the output filename from the last component of the requested resource. If the output filename […]
The post tnftp “savefile” Arbitrary Command Execution appeared first on MondoUnix.
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege on the target…