Subscribe via feed.

Dell KACE K1000 File Upload

Posted by deepcore on April 14, 2016 – 11:16 am

This Metasploit module exploits a file upload vulnerability in Kace K1000 versions 5.0 to 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 which allows unauthenticated users to execute arbitrary commands under the context of the ‘www’ user. This Metasploit module also abuses the ‘KSudoClient::RunCommandWait’ function to gain root privileges. This Metasploit module has been tested successfully with Dell KACE K1000 version 5.3.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.