This Metasploit module exploits a vulnerability in Oracle Application Testing Suite (OATS). In the Load Testing interface, a remote user can abuse the custom report template selector, and cause the DownloadServlet class to read any file on the server as SYSTEM. Since the Oracle application contains multiple configuration files that include encrypted credentials, and that there are public resources for decryption, it is actually possible to gain remote code execution by leveraging this directory traversal attack. Please note that authentication is required. By default, OATS has two built-in accounts: default and administrator. You could try to target those first.
6768bb30a4e171d5b23ae9e466794b809255fbc336984aad796d15fe8f495a0bApache Struts versions 2.0.0 through 2.3.37 (EOL), 2.5.0 through 2.5.32, and 6.0.0 through 6.3.0 suffer from an issues where an attacker can manipulate file upload parameters to enable a path traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform remote code execution.
3eabd0d7746d3af616a6a03f2fad7d9609f5c2a795390784bc379146a76826ad
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed