This Metasploit module exploits an arbitrary command execution vulnerability in Webmin 1.900 and lower versions. Any user authorized to the "Upload and Download" module can execute arbitrary commands with root privileges. In addition, if the Running Processes (proc) privilege is set the user can accurately determine which directory to upload to. Webmin application files can be written/overwritten, which allows remote code execution. The module has been tested successfully with Webmin 1.900 on Ubuntu v18.04.
cb30da254f071764bf5594bfe148a729f959e85798593b2141d4d5c66b873f67This Metasploit module leverages the remote command execution feature provided by the BMC Patrol Agent software. It can also be used to escalate privileges on Windows hosts as the software runs as SYSTEM but only verifies that the password of the provided user is correct. This also means if the software is running on a domain controller, it can be used to escalate from a normal domain user to domain admin as SYSTEM on a DC is DA. **WARNING** The windows version of this exploit uses powershell to execute the payload. The powershell version tends to timeout on the first run so it may take multiple tries.
98f98bd33a671db2ff8429f69a71fe6eaaaef83479578981b7f8a5a1b68913aaSySS GmbH found out that the wireless desktop set Fujitsu LX901 is vulnerable to keystroke injection attacks by sending unencrypted data packets with the correct packet format to the receiver (USB dongle).
555e9592017214071d19547d41a4cd74d3f40548f4da4cae61826dbe7096f255VVMware Security Advisory 2019-0003 - VMware Horizon update addresses Connection Server an information disclosure vulnerability.
7b205eda12fcc1972d7aa2e6bd927406e4d8543c2a4a0949cf97e6713a6981d7VMware Security Advisory 2019-0002 - VMware Workstation update addresses elevation of privilege issues.
e76e88071eec3efb2650ac8cc53a45d5647e3662fc94acac92fb925da7e8cf71Moodle version 3.4.1 remote code execution exploit.
c7b3442c281584a424f874ce9e4379c907c051aa41899073b810f31eed5a2174Mail Carrier version 2.5.1 suffers from a MAIL FROM buffer overflow vulnerability.
fa94e50e2485b506801d6f992c1e86c411a78cbb6e2d4395b32275f97b75867bICE HRM version 23.0 suffers from remote SQL injection and iframe injection vulnerabilities.
271468ab32bd1af6952dfc72ac3a9cc0ff13f868a1f8c61c3d959288f5e41ac0CMS Made Simple Showtime2 module version 3.6.2 suffers from an authenticated arbitrary file upload vulnerability.
fa20c0dbf5abddd0ecf04e638c87694a61d978bf9edf8380b83ae038d3fe85d9Vembu Storegrid Web Interface version 4.4.0 suffers from cross site scripting and information leakage vulnerabilities.
485bbcad6d11b203886c8c7af37fff9950488d4dd0ec1a846a40cd4dc7482a6aNetData versions 1.13.0 and below suffer from an html injection vulnerability.
e4421c08e04764a176d6a020cf1ed805e7e2ddd2b6de19a9bd5c2d46229262cdLaundry CMS suffers from remote SQL injection and iframe injection vulnerabilities.
4412dd67bae98f1d3bbcb70253b472b8cf017a7fb762fa340b484fee624a54ec
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed