Posts Tagged ‘command’

Serviio Media Server checkStreamUrl Command Execution

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which does not require authentication. The ‘action’ API endpoint does not sufficiently sanitize user-supplied data in […]


WordPress PHPMailer Host Header Command Injection

This Metasploit module exploits a command injection vulnerability in WordPress version 4.6 with Exim as an MTA via a spoofed Host header to PHPMailer, a mail-sending library that is bundled with WordPress. A valid WordPress username is required to exploit the vulnerability. Additionally, due to the altered Host header, exploitation is limited to the default […]


Atlassian SourceTree 2.5c Client URL Handler Command Injection

Atlassian SourceTree Client versions 2.5c and prior contain a client URL handler command injection vulnerability that allows attackers to execute specially crafted sourcetree:// commands with arbitrary arguments on multiple platforms.


Ghostscript 9.21 Type Confusion Arbitrary Command Execution

This Metasploit module exploits a type confusion vulnerability in Ghostscript that can be exploited to obtain arbitrary command execution. This vulnerability affects Ghostscript versions 9.21 and earlier and can be exploited through libraries such as ImageMagick and Pillow.