Home Exploit Hacking Info IT Metasploit Framework Tutorial HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

Minggu, 12 Februari 2017

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)

Diterbitkan 0 Comments

HP Smart Storage Administrator 2.30.6.0 - Remote Command Injection (Metasploit)


Yahoo, welcome back with me. Now i share about Metasploit Framework, lets read it!

Note:
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
Description:
This module exploits a vulnerability found in HP Smart Storage Administrator. By supplying a specially crafted HTTP request, it is possible to control the 'command' variable in function isDirectFileAccess (found in ipcelmclient.php), which will be used in a proc_open() function. Versions prior to HP SSA 2.60.18.0 are vulnerable.

Info Metasploit:
 Title  : HP Smart Storage Administrator Remote Command Injection
Author : Nicolas Mattiocco (@MaKyOtOx)
Platform : Linux/Windows
DisclosureDate : Jan 30 2017
CVE : 2016-8523
Code Metasploit:
 


Thanks for visiting guys. Don't forget Bookmark this blog and Share it :D

loading short url

Artikel Terkait

LoliNii Channel

Free Download Bathroom Japan Horror Game - Demo Version
SSH Launcher v2 by RZLabs
Langganan: Posting Komentar (Atom)