This Metasploit module exploits an authentication bypass vulnerability in the F5 BIG-IP iControl REST service to gain access to the admin account, which is capable of executing commands through the /mgmt/tm/util/bash endpoint. Successful exploitation results in remote code execution as the root user.
bb3a5bef34f53053f0da7eec9cad038bc4f47a0997b2e9cd601a17a1f034a0adF5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.
2c3224e25af9797e9d7139c7d759da88b2eae07b09d164c4bf3a7423cfb95c06Prinect Archive System 2015 release 2.6 suffers from a cross site scripting vulnerability.
a1f6530c485651823b237a796a243f26c35c4e1e6f0147e5bf4bd437de341654Fortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to extracting local and ldap users.
f5f61f0e91fb1492f3cc43981bb89d49f791427a38840fc17d42980c9a25194cFortify Software Security Center versions 17.10, 17.20, and 18.10 suffer from an insecure direct object reference vulnerability related to user projects.
d6e235c49d00e4d533f28b00647cf63de21e373e8951706d91b44ddbf61ed5c4Ektron CMS version 9.20 SP2 suffers from an improper access restriction vulnerability.
fd1f946762d555d6b36ddb6d80407a3437fbb0467bbad67303c164182e27d9fbFortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.
f3e1c3959ab0ee3579f60e32fbe1e85917f22334a58f48d1e070937e0785d71bNtop v1.1 for Solaris/x86 contains a remotely exploitable buffer overflow in the http server which defaults to tcp port 8080.
2a782b423c71b7af0e40453edb9508bf1af85c5776966f021fe5b239fb24adbcThe QVT/NET 4.3 FTP Server and the Shambala FTP Server for Windows 9x/NT/2000 contains remote vulnerabilities which allow users to see and retrieve any file on the server. Exploit information included.
40f5fee603c5fb9de026a015b88a134d7d3e0fdf79a92fe4ca6eb6a136c06883Robpoll.cgi is a free cgi based admin program for Unix and NT which has remote vulnerabilities allowing remote users to execute any command on the remote system with the priveleges of the web server. In addition, anyone can read any file on the remote system with the webserver UID.
bc0607609836ddf0e5923a2902e5194cc19852cc1fd731afa6d4b7bc8745952aThe CGI scanner by alt3kx_h3z finds 218 remote CGI vulnerabilities.
4c4dd5c84d18986b5cc3c312f994fbf87c9e8411d0c68c2b2fc9b7b3e855b5f8Exploit for Wu-ftpd 2.5 overflow - In spanish.
204719628ade4ca4bab296e3c06a5388f3996b2c89c9c34723d54c33fc2d8695
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed