CVE-2020-4429

Related Files

IBM Data Risk Manager 2.0.3 Remote Code Execution

Posted May 5, 2020

Authored by Pedro Ribeiro | Site metasploit.com

IBM Data Risk Manager (IDRM) contains three vulnerabilities that can be chained by an unauthenticated attacker to achieve remote code execution as root. The first is an unauthenticated bypass, followed by a command injection as the server user, and finally abuse of an insecure default password. This module exploits all three vulnerabilities, giving the attacker a root shell. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

tags | exploit, remote, shell, root, vulnerability, code execution

advisories | CVE-2020-4427, CVE-2020-4428, CVE-2020-4429

SHA-256 | 5e042f223b6191ace28628a3b791fe40265ee2b640aac230d6977add6e767672

Download | Favorite | View

IBM Data Risk Manager 2.0.3 Default Password

Posted May 5, 2020

Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module abuses a known default password in IBM Data Risk Manager. The a3user has the default password idrm and allows an attacker to log in to the virtual appliance via SSH. This can be escalate to full root access, as a3user has sudo access with the default password. At the time of disclosure, this is a 0day. Versions 2.0.3 and below are confirmed to be affected, and the latest 2.0.6 is most likely affected too.

tags | exploit, root

advisories | CVE-2020-4429

SHA-256 | 93ca159b01584a7ade8620b17077cdc4619743113ed1b5b8a46d288369f9b00a

Download | Favorite | View