Posts Tagged ‘remote’

SolarWind LEM Default SSH Password Remote Code Execution

This Metasploit module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is “cmc” and “password”. By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted shell. This Metasploit module was tested against […]

Logsign Remote Command Injection

This Metasploit module exploits an command injection vulnerability in Logsign. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the root user. Logsign has a publicly accessible endpoint. That endpoint takes a user input and then use it during operating system command execution without proper validation. This Metasploit module was tested against 4.4.2 […]