This Metasploit module exploits a directory traversal vulnerability in the WANGKONGBAO CNS-1000 and 1100 UTM appliances, aka Network Security Platform. The vulnerability is interesting because the Apache server is running as root, which means we can grab anything we want! For instance, the /etc/shadow and /etc/passwd files, including the entry for the special kfc:$1$SlSyHd1a$PFZomnVnzaaj3Ei2v1ByC0:15488:0:99999:7::: user.
d703130a4e19f352d116626dfd12e1128953a5fa7ea158f7b83874ecbdf7a357
This Metasploit module uses the Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP, which allow an attacker to perform administrative commands without authentication. It allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.
209515171372e815da32934ab41fdd5f1c336d22022bec1c97308a5b5097d4c3
This Metasploit module uses the Siemens Simatic S7-300/400 S7 CPU start and stop functions over ISO-TSAP, which allow an attacker to perform administrative commands without authentication. It allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.
e012c156c46c53f51452c321377eed31d2bcff3d14db2c6ffe938003af648fc7
This Metasploit module attempts to authenticate using a hard-coded backdoor password in the Simatic S7-300 PLC and dumps the device memory using system commands.
d6907293e454a396426319c60a1d46ca00f48f5825d6033b2984938b778a4ca1
WANGKONGBAO CNS-1000 and CNS-1100 suffer from a directory traversal vulnerability.
d08faedbde9b8dbd524b59e4193f087991c4d236239f0b21829cb29d78dfe7f3
This Metasploit module exploits a stack buffer overflow vulnerability in the NJStar Communicator version 3.00 MiniSMTP server. The MiniSMTP application ships with multiple NJStar products and continues to run in the background even after the software has been shut down. According to the vendor's testimonials, NJStar software is also used by well-known companies such as Siemens, NEC, Google, Yahoo, eBay; government agencies such as the FBI, Department of Justice (HK); as well as a long list of universities such as Yale, Harvard, University of Tokyo, etc.
44083d9c71272bc52555d936d0b249f9a4093505dbbca952c03e4cf194db20b3
KingView version 6.53 SCADA HMI heap overflow proof of concept exploit.
756238865e761c8e5c2055ba2ba802745cf3ac23518d9635de69403c333d7b1a
Motorola SB5101 Hax0rware event reset remote overflow exploit.
532fb9884b7cc9cda3a400d902285594780f8388a8a9e422be8e5b934d9f7dfb
Motorola SB5101 Hax0rware Rajko HTTPd remote proof of concept denial of service exploit.
f11e4c8e042ceb2366c5e971c759cb7848d1150fcf836c96cb932f831a22d2e8
AVCON version 4.6.8.7 local buffer overflow exploit.
1a8a480461d0d3c2498b083537be67c68a7297cd1eb60d87123ba8dc696ca7e6