This Metasploit module exploits CVE-2020-6207, a vulnerability in the SAP EEM servlet of SAP Solution Manager (SolMan) version 7.2. The vulnerability is caused by missing authentication checks on SOAP requests submitted to the /EemAdminService/EemAdmin page to get information about connected SMDAgents, which allows an attacker to send HTTP requests (SSRF) and execute OS commands on a connected SMDAgent. The module works reliably against connected SMDAgents running Java version 1.8. Successful exploitation will allow unauthenticated remote attackers to get a reverse shell from an agent connected to SolMan as the user under which the SMDAgent service runs, which is usually daaadm.
0d5122d6fb0ba7f681b7229fc5c197780b51710c6395404115ad8686072b2b08
Ubuntu Security Notice 4893-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. It was discovered that extensions could open popup windows with control of the window title in some circumstances. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to spoof a website and trick the user into providing credentials. Various other issues were also addressed.
8a437523e73ce057daeba48d3be4cef9d369c27add95e3b06c0ce5653d6f38a1
Ubuntu Security Notice 4888-2 - USN-4888-1 fixed several vulnerabilities in ldb. This update provides the corresponding update for Ubuntu 14.04 ESM. Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain LDAP attributes. A remote attacker could possibly use this issue to cause the LDAP server to crash, resulting in a denial of service. Douglas Bagnall discovered that ldb, when used with Samba, incorrectly handled certain DN strings. A remote attacker could use this issue to cause the LDAP server to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1f9ebcf4a58058d14bd496752ae31e54fdd7fc5b208273328e23dc9dde43d308
Backdoor.Win32.Kwak.12 malware suffers from bypass and code execution vulnerabilities.
857012a6558e67558b7c29a986146f09de19a504cb20f346a8dc6cc58b9a2ef3
Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150.
e35e1937104dc66eacb185dee5eb8adeeab2b99d9f05fd8364987d6dd5a729bd
Ubuntu Security Notice 3685-2 - USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem.
e7a582a1d121ff1533a65726ffe5c500c137492e966e1ec7c0aec8d1c81203b7
Backdoor.Win32.Kwak.12 malware suffers from a bypass vulnerability.
5d4afe8b15be706dade5269fcc5f3da9587a4f35e4f5cc1a8bffd0978776ca90
Regis Inventory and Monitoring System version 1.0 suffers from a persistent cross site scripting vulnerability.
f19b16271534173a2daeb300ee8055cc2d30b878ce6d30f3b5dcc96f59deed76
Ubuntu Security Notice 4891-1 - It was discovered that OpenSSL incorrectly handled certain renegotiation ClientHello messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
8714c7ff2c3053a074ef8cc312f87835a7b1c3f3372ea751347943c1c7fa9d33
GetSimple CMS Custom JS plugin version 0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
f8515a697bd43d6bc1e7a544b80861b8f892d912ba39ee0ded35abda0c9c0518
Backdoor.Win32.Kwak.12 malware suffers from bypass and man-in-the-middle vulnerabilities.
e4f9ab9c7f3533f0030d14d8b026a871e1f741f1a7561f977985c27144890066
Backdoor.Win32.Kwak.12 malware suffers from a denial of service vulnerability.
f6064b7bc1bed41b2dea4b3739c7fc444408c57e11f23d5ff1b18043c79c86cc
Development Kamel KCFinder version 1.7 suffers from a remote shell upload vulnerability.
767d8feb55914271022aee9787fcc915fb010c7584b18d3e7fb163230628b601
This whitepaper provides information about how you can hack JWT tokens for fun and profit.
7368748618b4cd6f33d0da05f3cabc301392721ae3b26c2284f7a0e648b15957
The Moodle Atto Editor, which does not have versions, suffers from a cross site scripting vulnerability.
1883e936d036e427af9e9c1cce0ad5bc8a0eaa07ad8c7911c5725a720541f3ee