Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.
>> CATEGORY: exploit
Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.
Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 suffer from having hard-coded secrets, missing authentication, backdoors, and remote code execution vulnerabilities.
Revive Adserver versions 5.0.4 and below suffer from bypass and open redirection vulnerabilities.
Phoenix Contact TC Router and TC Cloud Client versions 2.05.3 and below, 2.03.17 and below, and 1.03.17 and below suffer from authenticated command injection and various other vulnerabilities.
This Metasploit module exploits a Java deserialization vulnerability in the getChartImage() method from the FileStorage class within ManageEngine Desktop Central versions below 10.0.474. Tested against 10.0.465 x64.
CentOS Webpanel version 7 suffers from a remote SQL injection vulnerability.
AnyBurn version 4.8 SEH buffer overflow exploit.
Drobo 5N2 version 4.1.1 suffers from a remote command injection vulnerability.
rConfig version 3.9 suffers from a remote SQL injection vulnerability.
rConfig version 3.93 suffers from an authenticated ajaxAddTemplate.php remote code execution vulnerability.