Oracle Hyperion Planning version 11.1.2.3 suffer from an XML external entity injection vulnerability.
0d39d0644d09bb4d3dfa4a22cb5642fb82abaeb26cae5531a648ce129b94e1a3
This Metasploit module exploits inadequate access controls within the Schneider Electric Pelco Endura NET55XX webUI to enable the SSH service and change the root password. This module has been tested successfully on: NET5501, NET5501-I, NET5501-XT, NET5504, NET5500, NET5516, NET550 versions.
9f1a1fca209500f23a5d828a6c170bd77e26b7a3c4b045f75fc08a8419a6a484