automatic module_metadata_base.json update
This commit is contained in:
parent
2b90d33aef
commit
a0d162bc9f
|
@ -76752,6 +76752,66 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/opennms_horizon_authenticated_rce": {
|
||||
"name": "OpenNMS Horizon Authenticated RCE",
|
||||
"fullname": "exploit/linux/http/opennms_horizon_authenticated_rce",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2023-07-01",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Erik Wynter"
|
||||
],
|
||||
"description": "This module exploits built-in functionality in OpenNMS\n Horizon in order to execute arbitrary commands as the\n opennms user. For versions 32.0.2 and higher, this\n module requires valid credentials for a user with\n ROLE_FILESYSTEM_EDITOR privileges and either\n ROLE_ADMIN or ROLE_REST.\n\n For versions 32.0.1 and lower, credentials are\n required for a user with ROLE_FILESYSTEM_EDITOR,\n ROLE_REST, and/or ROLE_ADMIN privileges. In that case,\n the module will automatically escalate privileges via\n CVE-2023-40315 or CVE-2023-0872 if necessary.\n\n This module has been successfully tested against OpenNMS\n version 31.0.7",
|
||||
"references": [
|
||||
"CVE-2023-40315",
|
||||
"CVE-2023-0872"
|
||||
],
|
||||
"platform": "Linux",
|
||||
"arch": "ARCH_CMD",
|
||||
"rport": 8980,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"Linux"
|
||||
],
|
||||
"mod_time": "2024-03-20 11:39:19 +0000",
|
||||
"path": "/modules/exploits/linux/http/opennms_horizon_authenticated_rce.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/http/opennms_horizon_authenticated_rce",
|
||||
"check": true,
|
||||
"post_auth": true,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"SideEffects": [
|
||||
"artifacts-on-disk",
|
||||
"ioc-in-logs"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/opentsdb_key_cmd_injection": {
|
||||
"name": "OpenTSDB 2.4.1 unauthenticated command injection",
|
||||
"fullname": "exploit/linux/http/opentsdb_key_cmd_injection",
|
||||
|
|
Loading…
Reference in New Issue