This Metasploit module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote code execution.
b8f01f84c845398fb04cba37588088d6bbc790b0fc0bdf524f55915dd6be6c52If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install_4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it.
806d396b8f8393708196c84967f4c3db14adf4f64c443cf3f37029101e6385f9This Metasploit module exploits a remote code execution vulnerability in Exodus Wallet. A vulnerability in the ElectronJS Framework protocol handler can be used to get arbitrary command execution if the user clicks on a specially crafted URL.
71dfdd11a543d029057c8944a5a65b07ea8d8305fc5534962c0d5f2e9e49b452This Metasploit module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise version 10.4.18, caused by improper bounds checking of the request sent to the built-in server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
c4a63ea927eadbd15aa533b676da7de90e2feda0be34e3eccaea539cebab75b2This Metasploit module exploits a stack-based buffer overflow vulnerability in the CloudMe Sync version 1.10.9 client application. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
e772df2bb9bc2559a8e1ce1faef1106d0f6d2691866412f3c6f64ad143790589Disk Pulse Enterprise version 10.4.18 suffers from an import command buffer overflow vulnerability.
e307de6489283b8b1af2c0fffeb4c6bc4cd2451976ad9a55965eb047eda2f56cDisk Savvy Enterprise version 10.4.18 suffers from a buffer overflow vulnerability.
dd90908461a70ffb033221b05079a153d313a0f457e111ed680c67fc2c96cec1This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
9e66581c3952dd3cb70260f079d2681e43c224c9773b59e41966964f02086b66This Metasploit module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file.
ada5d696765b728572e1a595fac470a36fc9c4ab834fd1652c6a8cf1e8b799c1This Metasploit module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
241e34b13eab130be620a23f461dd59501c6111482d96e813435aadcb049ca4bThis Metasploit module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denial-of-service condition on the FTP client, or arbitrary remote code execution under the context of the user if successfully exploited.
e500bee98162a4112d002590455f02ce9655420dd5457db5a183759e204c9acaThis Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
5199a2e5cc5662ac54e66b7146c5c6b94ee41102ab904bac8eb917c52c3801dcThis Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
5ff2902a3ec062393e0570fee4f1cc86ff341942ea0f0f52a2987780cddb68ecThis Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Dup Scout Enterprise v9.5.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
46f09d2f260a4c795547b4cce19e1ae4b6b57750101f9224839a951a9912fc72This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
866e21d79501ea487d559431b3368082a2de3dd683255e5247782c95b4d89bddSync Breeze Enterprise version 9.5.16 SEH GET buffer overflow exploit.
bf368bde889dcf902b06ff92a9af6600b8ec55a5ba19e600159382f811b399a3Sync Breeze Enterprise version 9.5.16 suffers from an import command buffer overflow vulnerability.
92904136e8d75735d3fca251e7d6585a845b1133240bfbaf44518eb4a65108b7Disk Sorter Enterprise version 9.5.12 GET buffer overflow SEH exploit.
9bcbe319bc61fad1c46803139c12a81d49aef3ac226ad042a33e2cd8d25b179cVarious routers such as the AirLive ARM-204, AirLive WT-2000ARM, D-Link DVA-G3170i/PT, Edimax AR-7084ga, Huawei, Aolynk DR814Q, DrayTek Vigor2700 series, DrayTek Vigor2920 series, Thomson TG784, and ZyXEL P-660RU-T1v3 re-embed the password in a hidden field of the web management interface.
c834792f6018eb0bbf413092b9ac178bde5b3dfba17992207e84bbb00f34d14c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed