This Metasploit module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell.
e8f57e714dbbdcf280d1f87e4b85a1b3This Metasploit module exploits an OS Command Injection vulnerability in Cambium ePMP1000 device management portal. It requires any one of the following login credentials - admin/admin, installer/installer, home/home - to set up a reverse netcat shell. The module has been tested on versions 3.1-3.5-RC7.
5481d93d50d546555a22281fcd4dd6d7Progea Movicon versions 11.5.1181 and below suffer from search path related vulnerabilities.
1de6e04aa62eca5a923d8fc55a9f1748SpiderControl SCADA Web Server versions 2.02.0007 and below suffer from an improper privilege management vulnerability.
d6acb33e7b8598a0c01679e484876aefJanTek JTC-200 RS232-NET Connector suffers from cross site request forgery and missing authentication vulnerabilities.
020bc5ac941329974bf88c561dc914f2Trihedral VTScada versions prior to 11.2.26 suffer from resource consumption, cross site scripting, and information disclosure vulnerabilities.
cb976665ca752634c866774df96acaffSchneider Electric Wonderware InduSoft Web Studio versions 8.0 Patch 3 and below suffer from having incorrect default permissions.
2b609eb1e1a05b44853880ed5da03f26Digital Canal Structural Wind Analysis versions 9.1 and below suffer from a buffer overflow vulnerability.
a7290e29db03e678669abbc187954af5Microsoft Machine Debug Manager (mdm) suffers from dll hijacking vulnerabilities.
3c06775c91214d9d0ce304e8f6548704Microsoft Office Patch Installer suffers from dll hijacking vulnerabilities.
2b690a8c242cf48c547db68a1f8c4cd8Cambium products suffer from SNMP access control issues that may allow for unauthorized changes to the device configuration. Models affected include Cambium ePMP 1000, Cambium ePMP 2000, Cambium PMP XXX, and Cambium ForceXXX models.
554ca0450724f285790b803edba59020SenNet data logger and electricity meter appliances suffer from insecure configuration and OS command injection vulnerabilities.
5ed44024950355678f2a08408a51601dSielco Sistemi Winlog SCADA Software versions prior to 3.02.01 suffer from a dll hijacking vulnerability.
aeab43959e2123f0d35c8a06fcd50a72The VMU-C webserver suffers from cross site request forgery, cross site scripting, access control, weak credential management, and insecure storage vulnerabilities. VMU-C EM prior to firmware Version A11_U05 and VMU-C PV prior to firmware Version A17 are affected.
07e16456b846d15782e24a428bd71425LAquis SCADA version 4.1 suffers from access control issues.
ceb0e533f4ea33ad349ea2f06a537f58BINOM3 power meter suffers from cross site request forgery, weak credential management, information leakage, and cross site scripting vulnerabilities.
d3b962dd9399e12820541f494aab84e9ELNet Power Meter suffers from unauthenticated web management access and weak credential management vulnerabilities.
cf1143f9d2b04d82c5fbab8053f374b0Powerlogic / Schneider Electric IONXXXX series smart meters suffers from cross site request forgery and missing access control vulnerabilities.
107490206644c5dbd12193222b6899e7Halliburton LogView Pro version 9.7.5 crash proof of concept exploit.
ad3d14dfe852c992951fd5f07efd5672mySCADAPro version 7 suffers from a local privilege escalation vulnerability.
13ca9dd3461d2330fde02a8f60761b2cMediaCoder version 0.8.43.5852 SEH buffer overflow exploit that spawns calc.exe.
1c1fa76792e4d6df15ec3eff7959ef23CoolPlayer+ Portable version 2.19.6 m3u stack overflow exploit with egghunter shellcode and aslr bypass.
76cdc69cd07deceac6f7097d0e6c81f3TFTP server version 1.4 WRQ buffer overflow exploit with egghunter shellcode.
fe5dce41ea7ae479599f167ae29fb639RS232-NET Converter (JTC-200) suffers from cross site request forgery and weak credential management vulnerabilities along with unauthenticated access over telnet.
95d9eee550ca7a6c748d43980a13c9a7CIMA DocuClass ECM suffers from cross site request forgery, cross site scripting, direct object reference, and remote SQL injection vulnerabilities.
39195591cc4aeb66a93e69cc233cb79f
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed