ManageEngine EventLog Analyzer Remote Code Execution

Posted by deepcore on September 30, 2015 – 7:56 am

This Metasploit module exploits a SQL query functionality in ManageEngine EventLog Analyzer v10.6 build 10060 and previous versions. Every authenticated user, including the default “guest” account can execute SQL queries directly on the underlying Postgres database server. The queries are executed as the “postgres” user which has full privileges and thus is able to write files to disk. This way a JSP payload can be uploaded and executed with SYSTEM privileges on the web server. This Metasploit module has been tested successfully on ManageEngine EventLog Analyzer 10.0 (build 10003) over Windows 7 SP1.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« WinRAR SFX 5.21 Remote Code Execution Rowhammer Linux Kernel Privilege Escalation Proof Of Concept »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

ManageEngine EventLog Analyzer Remote Code Execution

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL