Numerous remote code execution paths were discovered in TP-Link’s WR940N home WiFi router. Valid credentials are required for this attack path. It is possible for an authenticated attacker to obtain a remote shell with root privileges. Source: TP-Link WR940N Remote Code Execution
The post TP-Link WR940N Remote Code Execution appeared first on MondoUnix.
Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.
Source: Shadowsocks-libev 3.1.0 Command Execution
The post Shadowsocks-libev 3.1.0 Command Execution appeared first on MondoUnix.
Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 […]
The post Shadowsocks Log Manipulation / Command Execution appeared first on MondoUnix.
This Metasploit module uploads a jsp payload and executes it.
Source: Tomcat JSP Upload Bypass Remote Code Execution
The post Tomcat JSP Upload Bypass Remote Code Execution appeared first on MondoUnix.
This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. The Trend Micro Officescan product has a widget feature which is implemented […]
The post Trend Micro OfficeScan Remote Code Execution appeared first on MondoUnix.
Apache Tomcat versions prior to 7.0.8, 8.0.47, 8.5.23, and 9.0.1 (Beta) JSP upload bypass and code execution exploit.
Source: Apache Tomcat Upload Bypass / Remote Code Execution
The post Apache Tomcat Upload Bypass / Remote Code Execution appeared firs…
This Metasploit module leverages a privilege escalation on OrientDB to execute unsandboxed OS commands. All versions from 2.2.2 up to 2.2.22 should be vulnerable.
Source: OrientDB 2.2.x Remote Code Execution
The post OrientDB 2.2.x Remote Code Executio…
UCOPIA Wireless Appliance versions 5.1 and below suffer from a captive portal remote root code execution vulnerability.
Source: UCOPIA Wireless Appliance 5.1 Code Execution
The post UCOPIA Wireless Appliance 5.1 Code Execution appeared first on MondoUn…
Netgear ReadyNAS Surveillance version 1.4.3-16 suffers from a remote command execution vulnerability.
Source: Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution
The post Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution appea…
e2openplugin OpenWebif versions 0.2.9 through 1.2.4 suffer from a code execution vulnerability.
Source: e2openplugin OpenWebif 1.2.4 Code Execution
The post e2openplugin OpenWebif 1.2.4 Code Execution appeared first on MondoUnix.
