BMC Server Automation RSCD Agent NSH Remote Command Execution
Posted by deepcore on February 1, 2018 – 10:54 am
This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Note: Under Windows, non-powershell commands may need to be prefixed with ‘cmd /c’.
Post a reply
You must be logged in to post a comment.