adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0cd174c5337a839ad5e7507c1a3e76c8ced2c515
metasploit-gs/documentation/modules/exploit/linux/http
T
History
Jack Heysel 0aa20c73a4 Land #18832, Add exploit module CVE-2023-47218 
The PR adds a module targeting CVE-2023-47218, an
unauthenticated command injection vuln affecting QNAP
QTS and QuTH Hero.
2024-02-21 08:48:30 -08:00
..
alienvault_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
apache_airflow_dag_rce.md
Move module and documentation from multi/http to linux/http
2023-09-17 22:42:26 +08:00
apache_couchdb_cmd_exec.md
apache_druid_js_rce.md
apache_nifi_h2_rce.md
apache nifi h2 rce
2023-08-08 17:44:35 -04:00
apache_ofbiz_deserialization_soap.md
apache_ofbiz_deserialization.md
fix ofbiz auto detection
2024-02-06 16:45:02 -05:00
apache_spark_rce_cve_2022_33891.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
apache_superset_cookie_sig_rce.md
superset rce more stable
2023-09-15 16:29:05 -04:00
artica_proxy_auth_bypass_service_cmds_peform_command_injection.md
asuswrt_lan_rce.md
axis_app_install.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
axis_srv_parhand_rce.md
bitbucket_git_cmd_injection.md
add documentation
2022-09-20 18:45:48 -05:00
bludit_upload_images_exec.md
cacti_unauthenticated_cmd_injection.md
fix typo and add credit for discovery
2022-12-23 11:11:31 +02:00
cayin_cms_ntp.md
centreon_pollers_auth_rce.md
centreon_useralias_exec.md
chamilo_unauth_rce_cve_2023_34960.md
Final minor updates
2023-08-23 11:38:07 +00:00
cisco_asax_sfr_rce.md
Added module for CVE-2022-20828
2022-08-19 12:29:37 -07:00
cisco_firepower_useradd.md
cisco_hyperflex_file_upload_rce.md
cisco_hyperflex_hx_data_platform_cmd_exec.md
cisco_prime_inf_rce.md
cisco_rv32x_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
cisco_rv340_lan.md
Fix up remaining review comments
2023-02-13 15:07:25 -06:00
cisco_rv_series_authbypass_and_rce.md
cisco_ucs_cloupia_script_rce.md
cisco_ucs_rce.md
control_web_panel_login_cmd_exec.md
Fix a typo
2023-01-25 13:45:18 -05:00
cpi_tararchive_upload.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
craftcms_unauth_rce_cve_2023_41892.md
Some minor changes to the module and documentation
2023-12-18 08:23:16 +00:00
cve_2019_1663_cisco_rmi_rce.md
dcos_marathon.md
denyall_waf_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
dlink_dir850l_unauth_exec.md
dlink_dsl2750b_exec_noauth.md
dlink_dwl_2600_command_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
docker_daemon_tcp.md
elfinder_archive_cmd_injection.md
epmp1000_get_chart_cmd_shell.md
epmp1000_ping_cmd_shell.md
eyesofnetwork_autodiscovery_rce.md
f5_bigip_tmui_rce_cve_2020_5902.md
Rename the other TMUI RCE module
2023-11-01 16:55:42 -04:00
f5_bigip_tmui_rce_cve_2023_46747.md
Add check code annotations, update AJP link
2023-11-02 08:53:56 -04:00
f5_icontrol_rce.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
f5_icontrol_rest_ssrf_rce.md
f5_icontrol_rpmspec_rce_cve_2022_41800.md
Check in exploit module for CVE-2022-41800
2022-11-16 12:04:18 -08:00
f5_icontrol_soap_csrf_rce_cve_2022_41622.md
Check in exploit script for CVE-2022-41622 (CSRF into SOAP)
2022-11-16 11:58:15 -08:00
flir_ax8_unauth_rce_cve_2022_37061.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
fortinac_keyupload_file_write.md
Update documentation to provide better installation instructions
2023-03-14 10:13:27 -05:00
fortinet_authentication_bypass_cve_2022_40684.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
froxlor_log_path_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
geutebruck_cmdinject_cve_2021_335xx.md
geutebruck_instantrec_bof.md
geutebruck_testaction_exec.md
github_enterprise_secret.md
spelling change per review
2022-11-23 13:26:19 -06:00
glinet_unauth_rce_cve_2023_50445.md
Capitalize remaining references to Meterpreter
2024-01-23 13:11:03 -05:00
glpi_htmlawed_php_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
goahead_ldpreload.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
goautodial_3_rce_code_injection.md
grandstream_gxv31xx_settimezone_unauth_cmd_exec.md
grandstream_ucm62xx_sendemail_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
gravcms_exec.md
h2_webinterface_rce.md
h2 doc addition
2023-08-08 17:15:22 -04:00
hadoop_unauth_exec.md
hikvision_cve_2021_36260_blind.md
hp_van_sdn_cmd_inject.md
huawei_hg532n_cmdinject.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
ibm_drm_rce.md
ibm_qradar_unauth_rce.md
imperva_securesphere_exec.md
ipfire_bashbug_exec.md
ipfire_oinkcode_exec.md
ipfire_pakfire_exec.md
ipfire_proxy_exec.md
ivanti_connect_secure_rce_cve_2023_46805.md
Update documentation/modules/exploit/linux/http/ivanti_connect_secure_rce_cve_2023_46805.md
2024-01-18 09:18:28 +00:00
ivanti_connect_secure_rce_cve_2024_21893.md
remove the linux and unix targets in favor of a single automatic target
2024-02-09 09:26:08 +00:00
ivanti_csa_unauth_rce_cve_2021_44529.md
Apply fixes per code review
2023-01-17 12:44:22 -06:00
ivanti_sentry_misc_log_service.md
Thanks to Spencer improved execute_command method
2023-09-12 15:14:10 -04:00
jenkins_cli_deserialization.md
kafka_ui_unauth_rce_cve_2023_52251.md
added base64 encoder module of zerosteiner
2024-02-14 21:33:50 +00:00
kaltura_unserialize_cookie_rce.md
kaltura_unserialize_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
kibana_timelion_prototype_pollution_rce.md
kibana exploit
2023-08-24 16:08:08 -04:00
kibana_upgrade_assistant_telemetry_rce.md
Update documentation/modules/exploit/linux/http/kibana_upgrade_assistant_telemetry_rce.md
2023-10-06 16:45:52 -04:00
klog_server_authenticate_user_unauth_command_injection.md
lexmark_faxtrace_settings.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
librenms_addhost_cmd_inject.md
librenms_collectd_cmd_inject.md
linear_emerge_unauth_rce_cve_2019_7256.md
Fix up missing option in documentation and also add some additional validation on server response.
2023-01-04 17:02:05 -06:00
linksys_wvbr0_user_agent_exec_noauth.md
linuxki_rce.md
logsign_exec.md
spelling change per review
2022-11-23 13:26:19 -06:00
lucee_admin_imgprocess_file_write.md
magnusbilling_unauth_rce_cve_2023_30258.md
third release module with minor text changes
2023-10-31 09:29:13 +00:00
mailcleaner_exec.md
majordomo_cmd_inject_cve_2023_50917.md
Add suggested changes
2023-12-22 00:04:54 +01:00
metabase_setup_token_rce.md
metabase setup token rce
2023-08-08 17:16:56 -04:00
microfocus_obr_cmd_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
microfocus_secure_messaging_gateway.md
mida_solutions_eframework_ajaxreq_rce.md
mobileiron_core_log4shell.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
mobileiron_mdm_hessian_rce.md
mvpower_dvr_shell_exec.md
nagios_xi_autodiscovery_webshell.md
nagios_xi_chained_rce_2_electric_boogaloo.md
nagios_xi_chained_rce.md
nagios_xi_configwizards_authenticated_rce.md
Add example for version 5.5.6 with CVE-2021-25297
2023-02-07 14:18:53 -06:00
nagios_xi_magpie_debug.md
nagios_xi_mibs_authenticated_rce.md
nagios_xi_plugins_check_plugin_authenticated_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
nagios_xi_plugins_filename_authenticated_rce.md
nagios_xi_snmptrap_authenticated_rce.md
netgear_dgn1000_setup_unauth_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
netgear_dnslookup_cmd_exec.md
netgear_r7000_cgibin_exec.md
netgear_unauth_exec.md
netsweeper_webadmin_unixlogin.md
nexus_repo_manager_el_injection.md
op5_config_exec.md
opentsdb_key_cmd_injection.md
Add docs for opentsdb_key_cmd_injection
2023-09-08 16:08:18 +01:00
opentsdb_yrange_cmd_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
optergy_bms_backdoor_rce_cve_2019_7276.md
updated module and documentation with SUDO option
2023-03-26 18:31:25 +00:00
oracle_ebs_rce_cve_2022_21587.md
improve the documentation, mention some steps required during setup.
2023-02-22 09:42:11 +00:00
pandora_fms_events_exec.md
pandora_ping_cmd_exec.md
panos_op_cmd_exec.md
Updated error handling
2022-09-13 12:40:59 -04:00
panos_readsessionvars.md
php_imap_open_rce.md
pineapple_bypass_cmdinject.md
pineapple_preconfig_cmdinject.md
pulse_secure_cmd_exec.md
pulse_secure_gzip_rce.md
pyload_js2py_exec.md
Add module docs
2023-02-15 16:29:42 -05:00
qnap_qcenter_change_passwd_exec.md
qnap_qts_rce_cve_2023_47218.md
Docs plus minor edits
2024-02-15 17:12:11 -05:00
rancher_server.md
rconfig_ajaxarchivefiles_rce.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
rconfig_vendors_auth_file_upload_rce.md
roxy_wi_exec.md
Add in updated scenario documentation
2022-07-25 14:14:52 -05:00
saltstack_salt_api_cmd_exec.md
saltstack_salt_wheel_async_rce.md
samsung_srv_1670d_upload_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
solarview_unauth_rce_cve_2023_23333.md
Apply grammatical suggestions from code review
2023-09-05 17:06:01 -04:00
sonicwall_cve_2021_20039.md
sophos_utm_webadmin_sid_cmd_injection.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
sourcegraph_gitserver_sshcmd.md
Add sourcegraph RCE module docs
2022-07-08 17:27:27 -04:00
spark_unauth_rce.md
spring_cloud_gateway_rce.md
Add in some missing info to examples, set default port, and update IOCs to note we include some IOCs in the logs
2022-10-12 11:19:47 -05:00
suitecrm_log_file_rce.md
supervisor_xmlrpc_exec.md
symantec_messaging_gateway_exec.md
symmetricom_syncserver_rce.md
add module documentation
2023-06-13 13:14:51 -05:00
synology_dsm_smart_exec_auth.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
terramaster_unauth_rce_cve_2020_35665.md
Updates based on space-r7 comments
2023-06-08 07:39:44 +00:00
terramaster_unauth_rce_cve_2021_45837.md
Updated NAS model and version check
2023-06-08 09:12:45 +00:00
terramaster_unauth_rce_cve_2022_24990.md
Updates based on review comments from space-r7 and jvoisin
2023-06-12 19:28:08 +00:00
tiki_calendar_exec.md
totolink_unauth_rce_cve_2023_30013.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
tp_link_ncxxx_bonjour_command_injection.md
trend_micro_imsva_exec.md
trendmicro_imsva_widget_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
trendmicro_websecurity_exec.md
ueb_api_rce.md
unraid_auth_bypass_exec.md
spelling change per review
2022-11-23 13:26:19 -06:00
vestacp_exec.md
vinchin_backup_recovery_cmd_inject.md
Update
2023-11-21 18:28:28 +01:00
vmware_nsxmgr_xstream_rce_cve_2021_39144.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
vmware_vcenter_analytics_file_upload.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
vmware_vcenter_vsan_health_rce.md
vmware_view_planner_4_6_uploadlog_rce.md
vmware_vrli_rce.md
Add and use a Thrift client object
2023-09-11 14:37:38 -04:00
vmware_vrni_rce_cve_2023_20887.md
Fix incomplete copy pasta in docs
2023-07-21 14:38:07 -04:00
vmware_vrops_mgr_ssrf_rce.md
vmware_workspace_one_access_cve_2022_22954.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
vmware_workspace_one_access_vmsa_2022_0011_chain.md
docs fix
2023-04-17 16:41:35 -04:00
wd_mycloud_multiupload_upload.md
wd_mycloud_unauthenticated_cmd_injection.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
webmin_backdoor.md
webmin_file_manager_rce.md
Update documentation/modules/exploit/linux/http/webmin_file_manager_rce.md
2022-11-01 10:40:01 -05:00
webmin_package_updates_rce.md
Fix from code review
2022-08-09 15:09:25 +02:00
webmin_packageup_rce.md
wepresent_cmd_injection.md
wipg1000_cmd_injection.md
xplico_exec.md
spelling fixes on docs
2023-10-10 14:46:18 -04:00
zimbra_cpio_cve_2022_41352.md
Fix the doc to make msftidy_docs.rb happy
2022-10-20 14:33:40 +02:00
zimbra_mboximport_cve_2022_27925.md
Update all links from Wiki site to new docs site.
2023-01-27 09:58:53 -06:00
zimbra_unrar_cve_2022_30333.md
Add module docs for the split-up unrar modules
2022-07-27 13:24:29 -07:00
zimbra_xxe_rce.md
zyxel_lfi_unauth_ssh_rce.md
Updates based on cdelafuente-r7 comments
2023-05-06 19:05:21 +00:00
zyxel_ztp_rce.md