automatic module_metadata_base.json update
This commit is contained in:
parent
e625e2e474
commit
e1e39ad5bc
|
@ -68649,6 +68649,71 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/pyload_js2py_exec": {
|
||||
"name": "pyLoad js2py Python Execution",
|
||||
"fullname": "exploit/linux/http/pyload_js2py_exec",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2023-01-13",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Spencer McIntyre",
|
||||
"bAu"
|
||||
],
|
||||
"description": "pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code injection due to the pyimport\n functionality exposed through the js2py library. An unauthenticated attacker can issue a crafted POST request\n to the flash/addcrypted2 endpoint to leverage this for code execution. pyLoad by default runs two services,\n the primary of which is on port 8000 and can not be used by external hosts. A secondary \"Click 'N' Load\"\n service runs on port 9666 and can be used remotely without authentication.",
|
||||
"references": [
|
||||
"CVE-2023-0297",
|
||||
"URL-https://huntr.dev/bounties/3fd606f7-83e1-4265-b083-2e1889a05e65/",
|
||||
"URL-https://github.com/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad",
|
||||
"URL-https://github.com/pyload/pyload/commit/7d73ba7919e594d783b3411d7ddb87885aea782d"
|
||||
],
|
||||
"platform": "Linux,Python,Unix",
|
||||
"arch": "cmd, x86, x64, python",
|
||||
"rport": 9666,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"Unix Command",
|
||||
"Linux Dropper",
|
||||
"Python"
|
||||
],
|
||||
"mod_time": "2023-02-15 16:29:42 +0000",
|
||||
"path": "/modules/exploits/linux/http/pyload_js2py_exec.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "linux/http/pyload_js2py_exec",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs",
|
||||
"artifacts-on-disk"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_linux/http/qnap_qcenter_change_passwd_exec": {
|
||||
"name": "QNAP Q'Center change_passwd Command Execution",
|
||||
"fullname": "exploit/linux/http/qnap_qcenter_change_passwd_exec",
|
||||
|
|
Loading…
Reference in New Issue