Tags archives: execution

 

 

 

 

 

 

0

Serviio Media Server checkStreamUrl Command Execution

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which which does not require authentication. The ‘action’ API endpoint does not sufficiently sanitize user-supplied data in […]

The post Serviio Media Server checkStreamUrl Command Execution appeared first on MondoUnix.

 

 

 

 

0

Crypttech CryptoLog Remote Code Execution

This Metasploit module exploits the sql injection and command injection vulnerability of CryptoLog. An un-authenticated user can execute a terminal command under the context of the web user. login.php endpoint is responsible for login process. One of the user supplied parameter is used by the application without input validation and parameter binding. Which cause a […]

The post Crypttech CryptoLog Remote Code Execution appeared first on MondoUnix.