From d429a81f6399081e443ed3320a51d2daa5145746 Mon Sep 17 00:00:00 2001 From: Metasploit Date: Mon, 26 Nov 2018 09:57:53 -0800 Subject: [PATCH] automatic module_metadata_base.json update --- db/modules_metadata_base.json | 50 +++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json index 5c27e9f3cb..69f4a85c62 100644 --- a/db/modules_metadata_base.json +++ b/db/modules_metadata_base.json @@ -50015,6 +50015,56 @@ "notes": { } }, + "exploit_linux/http/netgear_unauth_exec": { + "name": "Netgear Devices Unauthenticated Remote Command Execution", + "full_name": "exploit/linux/http/netgear_unauth_exec", + "rank": 600, + "disclosure_date": "2016-02-25", + "type": "exploit", + "author": [ + "Daming Dominic Chen ", + "Imran Dawoodjee " + ], + "description": "From the CVE-2016-1555 page: (1) boardData102.php, (2) boardData103.php,\n (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in\n Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350,\n WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute\n arbitrary commands.", + "references": [ + "CVE-2016-1555", + "URL-https://kb.netgear.com/30480/CVE-2016-1555-Notification?cid=wmt_netgear_organic", + "PACKETSTORM-135956", + "URL-http://seclists.org/fulldisclosure/2016/Feb/112" + ], + "is_server": false, + "is_client": false, + "platform": "Linux", + "arch": "mipsbe", + "rport": 80, + "autofilter_ports": [ + 80, + 8080, + 443, + 8000, + 8888, + 8880, + 8008, + 3000, + 8443 + ], + "autofilter_services": [ + "http", + "https" + ], + "targets": [ + "Automatic" + ], + "mod_time": "2018-11-12 13:24:00 +0000", + "path": "/modules/exploits/linux/http/netgear_unauth_exec.rb", + "is_install_path": true, + "ref_name": "linux/http/netgear_unauth_exec", + "check": true, + "post_auth": false, + "default_credential": false, + "notes": { + } + }, "exploit_linux/http/netgear_wnr2000_rce": { "name": "NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow", "full_name": "exploit/linux/http/netgear_wnr2000_rce",