Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers use it for data storage, backup storage, creating and managing virtual machines and software-defined networks, and running cloud-native applications in production environments. This Metasploit module exploits a default password vulnerability in ACI which allows an attacker to access the ACI PostgreSQL database and gain administrative access to the ACI Web Portal. This opens the door for the attacker to upload SSH keys that enable root access to the appliance/server. This attack can be remotely executed over the WAN as long as the PostgreSQL and SSH services are exposed to the outside world. ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132 are vulnerable.
TitanNit Web Control 2.01 and Atemio 7600 suffer from a PHP code injection vulnerability.
Ubuntu Security Notice 7015-3 - USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and for python3.5 in Ubuntu 16.04 LTS. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service.
Sistem Penyewaan Baju atau Pakaian Berbasis Web version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
The ABB Cylon Aspect version 3.07.00 BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the host HTTP GET parameter called by the networkDiagAjax.php script.
Ubuntu Security Notice 7032-1 - It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling.
ABB Cylon Aspect version 3.08.01 BMS/BAS controller suffers from an arbitrary file deletion vulnerability. Input passed to the file parameter in databasefiledelete.php is not properly sanitized before being used to delete files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using directory traversal sequences passed within the affected POST parameter.
Red Hat Security Advisory 2024-6928-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 is now available. Issues addressed include HTTP response splitting and server-side request forgery vulnerabilities.
Red Hat Security Advisory 2024-6927-03 - Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 6 is now available. Issues addressed include an HTTP response splitting vulnerability.
Ubuntu Security Notice 6885-3 - USN-6885-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions.
Dockwatch is a container management web UI for Docker. It runs by default without authentication, although guidance is available for how to set up credentials for access. It has a Commands feature that allows a user to run docker commands such as inspect, network, and ps. Prior to the fix, it did not restrict input for parameters, so both the container and parameters for the dockerInspect command were vulnerable to shell command injection on the container as the abc user with (limited) command output. See commits 23df366 and c091e4c for fixes.
Proof of concept remote code execution exploit for Rejetto HTTP File Server (HFS) version 2.3m.
A cross site request forgery vulnerability was identified in the Authorization Method of 3DSecure version 2.0, allowing attackers to submit unauthorized form data by modifying the HTTP Origin and Referer headers.
Multiple reflected cross site scripting vulnerabilities in the 3DS Authorization Method of 3DSecure version 2.0 allow attackers to inject arbitrary web scripts via the threeDSMethodData parameter.
Multiple reflected cross site scripting vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure version 2.0. These flaws allow attackers to inject arbitrary web scripts, CSS, or HTML through the manipulation of the params parameter in the request URL.
Ubuntu Security Notice 6996-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.
Debian Linux Security Advisory 5765-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Ubuntu Security Notice 6988-1 - It was discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. It was discovered that Twisted did not properly sanitize certain input. An attacker could use this vulnerability to possibly execute an HTML injection leading to a cross-site scripting attack.
Debian Linux Security Advisory 5762-1 - The WebKitGTK web engine suffers from multiple vulnerabilities. An anonymous researcher discovered that processing maliciously crafted web content may lead to an unexpected process crash. Huang Xilin discovered that processing maliciously crafted web content may lead to an unexpected process crash. Huang Xilin discovered that processing maliciously crafted web content may lead to an unexpected process crash. More issues are listed in this advisory.
This Metasploit module scans for OKI printers via SNMP, then tries to connect to found devices with vendor default administrator credentials via HTTP authentication. By default, OKI network printers use the last six digits of the MAC address as the admin password.
This Metasploit module takes advantage of an authentication bypass vulnerability in the web interface of multiple manufacturers' DVR systems, which allows retrieval of the device configuration.
This Metasploit module exploits a privilege escalation vulnerability found in Microsoft Exchange, CVE-2019-0724. Execution of the module will force Exchange to authenticate to an arbitrary URL over HTTP via the Exchange PushSubscription feature. This allows us to relay the NTLM authentication to a Domain Controller and authenticate with the privileges that Exchange is configured with. The module is based on the work by @_dirkjan.
This Metasploit module exploits an authenticated directory traversal vulnerability in the WordPress plugin "NextGEN Gallery" version 2.1.7, allowing arbitrary directories to be read with the web server's privileges.
This Metasploit module enumerates wireless credentials from Canon printers with a web interface. It has been tested on Canon models: MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920.