This Metasploit module exploits an OS command injection vulnerability in the Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell.
e8f57e714dbbdcf280d1f87e4b85a1b3
This Metasploit module exploits an OS command injection vulnerability in the Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions 3.1-3.5-RC7.
5481d93d50d546555a22281fcd4dd6d7
Progea Movicon versions 11.5.1181 and below suffer from search path related vulnerabilities.
1de6e04aa62eca5a923d8fc55a9f1748
SpiderControl SCADA Web Server versions 2.02.0007 and below suffer from an improper privilege management vulnerability.
d6acb33e7b8598a0c01679e484876aef
JanTek JTC-200 RS232-NET Connector suffers from cross site request forgery and missing authentication vulnerabilities.
020bc5ac941329974bf88c561dc914f2
Trihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.
cb976665ca752634c866774df96acaff
Schneider Electric Wonderware InduSoft Web Studio versions 8.0 Patch 3 and below suffer from having incorrect default permissions.
2b609eb1e1a05b44853880ed5da03f26
Digital Canal Structural Wind Analysis versions 9.1 and below suffer from a buffer overflow vulnerability.
a7290e29db03e678669abbc187954af5
Microsoft Machine Debug Manager (mdm) suffers from DLL hijacking vulnerabilities.
3c06775c91214d9d0ce304e8f6548704
Microsoft Office Patch Installer suffers from DLL hijacking vulnerabilities.
2b690a8c242cf48c547db68a1f8c4cd8
Cambium products suffer from SNMP access control issues that may allow for unauthorized changes to the device configuration. Models affected include Cambium ePMP 1000, Cambium ePMP 2000, Cambium PMP XXX, and Cambium ForceXXX models.
554ca0450724f285790b803edba59020
SenNet data logger and electricity meter appliances suffer from insecure configuration and OS command injection vulnerabilities.
5ed44024950355678f2a08408a51601d
Sielco Sistemi Winlog SCADA Software versions prior to 3.02.01 suffer from a DLL hijacking vulnerability.
aeab43959e2123f0d35c8a06fcd50a72
The VMU-C webserver suffers from cross site request forgery, cross site scripting, access control, weak credential management, and insecure storage vulnerabilities. VMU-C EM prior to firmware Version A11_U05 and VMU-C PV prior to firmware Version A17 are affected.
07e16456b846d15782e24a428bd71425
LAquis SCADA version 4.1 suffers from access control issues.
ceb0e533f4ea33ad349ea2f06a537f58
BINOM3 power meter suffers from cross site request forgery, weak credential management, information leakage, and cross site scripting vulnerabilities.
d3b962dd9399e12820541f494aab84e9
ELNet Power Meter suffers from unauthenticated web management access and weak credential management vulnerabilities.
cf1143f9d2b04d82c5fbab8053f374b0
Powerlogic / Schneider Electric IONXXXX series smart meters suffer from cross site request forgery and missing access control vulnerabilities.
107490206644c5dbd12193222b6899e7
Halliburton LogView Pro version 9.7.5 crash proof of concept exploit.
ad3d14dfe852c992951fd5f07efd5672
mySCADAPro version 7 suffers from a local privilege escalation vulnerability.
13ca9dd3461d2330fde02a8f60761b2c
MediaCoder version 0.8.43.5852 SEH buffer overflow exploit that spawns calc.exe.
1c1fa76792e4d6df15ec3eff7959ef23
CoolPlayer+ Portable version 2.19.6 m3u stack overflow exploit with egghunter shellcode and ASLR bypass.
76cdc69cd07deceac6f7097d0e6c81f3
TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.
fe5dce41ea7ae479599f167ae29fb639
RS232-NET Converter (JTC-200) suffers from cross site request forgery and weak credential management vulnerabilities along with unauthenticated access over telnet.
95d9eee550ca7a6c748d43980a13c9a7
CIMA DocuClass ECM suffers from cross site request forgery, cross site scripting, direct object reference, and remote SQL injection vulnerabilities.
39195591cc4aeb66a93e69cc233cb79f