automatic module_metadata_base.json update

GSoC/Meterpreter_Web_Console
Metasploit 2018-07-05 12:30:54 -07:00
parent 05a0d79be7
commit 41a5ac3d74
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 29 additions and 0 deletions

View File

@ -31865,6 +31865,35 @@
"is_install_path": true, "is_install_path": true,
"ref_name": "linux/http/hp_system_management" "ref_name": "linux/http/hp_system_management"
}, },
"exploit_linux/http/hp_van_sdn_cmd_inject": {
"name": "HP VAN SDN Controller Root Command Injection",
"full_name": "exploit/linux/http/hp_van_sdn_cmd_inject",
"rank": 600,
"disclosure_date": "2018-06-25",
"type": "exploit",
"author": [
"Matt Bergin",
"wvu <wvu@metasploit.com>"
],
"description": "This module exploits a hardcoded service token or default credentials\n in HPE VAN SDN Controller <= 2.7.18.0503 to execute a payload as root.\n\n A root command injection was discovered in the uninstall action's name\n parameter, obviating the need to use sudo for privilege escalation.\n\n If the service token option TOKEN is blank, USERNAME and PASSWORD will\n be used for authentication. An additional login request will be sent.",
"references": [
"EDB-44951",
"URL-https://korelogic.com/Resources/Advisories/KL-001-2018-008.txt"
],
"is_server": true,
"is_client": false,
"platform": "Linux,Unix",
"arch": "x86, x64",
"rport": "8081",
"targets": [
"Unix In-Memory",
"Linux Dropper"
],
"mod_time": "2018-07-05 13:30:55 +0000",
"path": "/modules/exploits/linux/http/hp_van_sdn_cmd_inject.rb",
"is_install_path": true,
"ref_name": "linux/http/hp_van_sdn_cmd_inject"
},
"exploit_linux/http/huawei_hg532n_cmdinject": { "exploit_linux/http/huawei_hg532n_cmdinject": {
"name": "Huawei HG532n Command Injection", "name": "Huawei HG532n Command Injection",
"full_name": "exploit/linux/http/huawei_hg532n_cmdinject", "full_name": "exploit/linux/http/huawei_hg532n_cmdinject",