Showing 1 - 2 of 2

Files from Gjoko Krstic

Optergy Proton And Enterprise BMS 2.0.3a Command Injection: Posted Mar 28, 2023; Authored by h00die-gr3y, Gjoko Krstic | Site metasploit.com; This Metasploit module exploits an undocumented backdoor vulnerability in the Optergy Proton and Enterprise Building Management System (BMS) applications. Versions 2.0.3a and below are vulnerable. Attackers can exploit this issue by directly navigating to an undocumented backdoor script called Console.jsp in the tools directory and gain full system access. Successful exploitation results in root command execution using sudo as user optergy.; tags | exploit, root; advisories | CVE-2019-7276; SHA-256 | 33babb5810832b13a94e71c123fd7427e2dfe9cd4f92a96b062b362c7592affd; Download | Favorite | View

Linear eMerge E3-Series Access Controller Command Injection: Posted Jan 5, 2023; Authored by h00die-gr3y, Gjoko Krstic | Site metasploit.com; This Metasploit module exploits a command injection vulnerability in the Linear eMerge E3-Series Access Controller. The Linear eMerge E3 versions 1.00-06 and below are vulnerable to unauthenticated command injection in card_scan_decoder.php via the No and door HTTP GET parameter. Successful exploitation results in command execution as the root user.; tags | exploit, web, root, php; advisories | CVE-2019-7256; SHA-256 | 1fd51575a69b265ae06a105677705b12fb58d93fd9bd59aaebb488726841bfee; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days