Posts Tagged ‘appliance’

Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution

This Metasploit module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have widget feature which is implemented with PHP. […]


REDDOXX Appliance Remote Command Execution

RedTeam Pentesting discovered a remote command execution vulnerability in the REDDOXX appliance software, which allows attackers to execute arbitrary command with root privileges while unauthenticated. Affected versions include build 2032 and 2.0.625. Source: REDDOXX Appliance Remote Command Execution


REDDOXX Appliance Unauthenticated Access

RedTeam Pentesting discovered a vulnerability which allows attackers unauthenticated access to the diagnostic functions of the administrative interface of the REDDOXX appliance. The functions allow, for example, to capture network traffic on the appliance’s interfaces. Affected versions include build 2032 and 2.0.625. Source: REDDOXX Appliance Unauthenticated Access