This Metasploit module targets an authentication bypass vulnerability in the mini_http binary of several Netgear Routers running firmware versions prior to 1.2.0.88, 1.0.1.80, 1.1.0.110, and 1.1.0.84. The vulnerability allows unauthenticated attackers to reveal the password for the admin user that is used to log into the routers administrative portal, in plaintext. Once the password has been been obtained, the exploit enables telnet on the target router and then utiltizes the auxiliary/scanner/telnet/telnet_login module to log into the router using the stolen credentials of the admin user. This will result in the attacker obtaining a new telnet session as the "root" user. This vulnerability was discovered and exploited by an independent security researcher who reported it to SSD.
b64800ebe35ccd348243151eddc846891e371e499d5629a34a60850c0cbe7c61This Metasploit module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in property_box.php. This Metasploit module was tested against Oracle Secure Backup version 10.3.0.1.0 (Win32).
6863a81671e2c9181fc762b376462302051ea799490c07fe8f165bc20e6d3514This Metasploit module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in property_box.php. This Metasploit module was tested against Oracle Secure Backup version 10.3.0.1.0 (Win32).
16474ed0f873351c852148c57a073ca86fa3cdb0b63dfb8b35602ac09c210c32This Metasploit module exploits CVE-2024-5806, an authentication bypass vulnerability in the MOVEit Transfer SFTP service. The following version are affected: * MOVEit Transfer 2023.0.x (Fixed in 2023.0.11) * MOVEit Transfer 2023.1.x (Fixed in 2023.1.6) * MOVEit Transfer 2024.0.x (Fixed in 2024.0.2) The module can establish an authenticated SFTP session for a MOVEit Transfer user. The module allows for both listing the contents of a directory, and the reading of an arbitrary file.
e42c18fe2ecf06ede012b90f30e4d6c190c704e7d0189584fe141737a2f2eeabThis Metasploit module will extract Domain Controller credentials from vulnerable installations of HP SNAC as distributed with HP ProCurve 4.00 and 3.20. The authentication bypass vulnerability has been used to exploit remote file uploads. This vulnerability can be used to gather important information handled by the vulnerable application, like plain text domain controller credentials. This Metasploit module has been tested successfully with HP SNAC included with ProCurve Manager 4.0.
aed454bc14ce73f32076d32a64079806c8be0da490907a6f04fd8ad00e038838This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.
d84c00616d548716b9414d5a60ebf17fd0c1065bb413ce49d1a747e954c01fc0Red Hat Security Advisory 2024-5982-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.
dea1c5df22b38b677801b6ea524c8a48a81a0f3f2ae4e8d30dd88d017d8b57a9Red Hat Security Advisory 2024-5980-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
ac70b27d0174b640b0084de261db2ac80e0a082b60086fd3fed81943b2c9a0b1Medical Center Portal version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4d30a67a0ab94c8ceed55ef0165e2eedf1d276131b5341cfc581bf2954c04b02Red Hat Security Advisory 2024-5815-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
569f61780dc9652437da28a87851c83315d45be578fe00cbe44247b6034288abLogin System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6246efe507f796ffbcf438b89a4e64415367c7c634bcb20d80f59a253f813619Loan Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ed75910910f3f594bf680ca801e599334e60fa3ca166470f03bfa31c27d4c6c4Employee Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
48f74abd4ae2b0a4eefcbc41869e56c73b5b26ad8ea6f55bc7ef2939ebb312a7DETS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8e871e7f49c2379860d7b67c7b6819a9dfb93577e9139f8863c582714f30982aCompany Visitor Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a3ae790e1f332d8ff787915e2feb853d7c3e614aeaea67361861ea7d18bb27dfClient Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
25d183ad1ab808d8eb37c605403875c32f55a1eb9742ca2f0a1e77e0b7ce0951CCMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
de9151d5ff302677fb5da77053693b392b8644cb6845abb56a920fd62a7f579cBiobook Social Networking Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fa0e4caf860abda8bbabc5103e38c78e393907f876e4a4b9d5dd3cb7513396cfAVMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
44299386859b222bfbf61e5b31081de5872353d1be32639a637563ae9c557c3fKarya Online Shopping Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ace5835235cc9816aa9586e82f7882eca16802f166866858074cc02f513e907cRed Hat Security Advisory 2024-5200-03 - Red Hat OpenShift Container Platform release 4.12.63 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.
2567d437c092512847a194b9f32fd74daa5a5e813f3857ccbe039c9ba188cc54Human Resource Management System 2024 version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3800f1816111f1edbb9091c2250c05c9601784c51aa09742476281c2862e85c3Hotel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2536c30b03f92e1a431ba68657f0b804165f343b2b4f604f1211f7bfc5be9a1aRed Hat Security Advisory 2024-5315-03 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.
2e3007243d9646ee5654809507539754868647eb457320815e16f0558cbe2b6bCovid-19 Contact Tracing System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0c9a223b69d6a377b6cf0c3047b15449f6cae89ac1c6076515f63597195aa5da
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed