SaltStack Salt Master/Minion Unauthenticated Remote Code Execution

Posted by deepcore on May 13, 2020 – 8:53 pm

This Metasploit module exploits unauthenticated access to the runner() and _send_pub() methods in the SaltStack Salt master’s ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to execute code as root on either the master or on select minions. VMware vRealize Operations Manager versions 7.5.0 through 8.1.0 are known to be affected by the Salt vulnerabilities. Tested against SaltStack Salt 2019.2.3 and 3000.1 on Ubuntu 18.04, as well as Vulhub’s Docker image.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Netsweeper WebAdmin unixlogin.php Python Code Injection Adobe DNG SDK Memory Corruption »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

SaltStack Salt Master/Minion Unauthenticated Remote Code Execution

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL