>> ARCHIVE: 2019-11

FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.

FlexAir Access Control version 2.3.38 authenticated remote root exploit that leverages command injection via a SetNTPServer request.

This Metasploit module exploits a command injection vulnerability in the Linear eMerge E3 Access Controller.

Prima Access Control version 2.3.35 authenticated python script upload remote root code execution exploit.

Prima Access Control version 2.3.35 suffers from a persistent cross site scripting vulnerability.

This Metasploit module has been tested with AIX 7.1 and 7.2, and should also work with 6.1. Due to permission restrictions of the crontab in AIX, this module does not…

This Metasploit module exploits a post-auth command injection in the Pulse Secure VPN server to execute commands as root. The env(1) command is used to bypass application whitelisting and run…

This Metasploit module exploits a vulnerability in Bludit. A remote user could abuse the uuid parameter in the image upload feature in order to save a malicious payload anywhere onto…