This Metasploit module exploits an authenticated path traversal vulnerability found in LimeSurvey versions between 4.0 and 4.1.11 with CVE-2020-11455 or less than or equal to 3.15.9 with CVE-2019-9960, inclusive. In CVE-2020-11455 the getZipFile function within the filemanager functionality allows for arbitrary file download. The file retrieved may be deleted after viewing, which was confirmed in testing. In CVE-2019-9960 the szip function within the downloadZip functionality allows for arbitrary file download. Verified against 4.1.11-200316, 3.15.0-181008, 3.9.0-180604, 3.6.0-180328, 3.0.0-171222, and 2.70.0-170921.
9f74526757273c5edcea64339d62718ea0a109843590d25d98a39b5da99e5413A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria. This assertion can be triggered even if the apparent source address isnt allowed to make queries.
dab01907661bc45dfef1a322289a5b109d9437709b8b57e7022d0295fd2e893aSEIG Modbus version 3.4 suffers from a denial of service vulnerability.
b79b9187f9e66dbeab91b5153a9cf37ca90c2fa960e047a564b8e64b0a99fbbaSEIG Modbus version 3.4 suffers from a remote code execution vulnerability.
8cd4354bb90f87f375b3a51ceaf30cbfb76e0d67defcd47550056a1acab51f87SEIG SCADA System version 9 suffers from a remote code execution vulnerability.
fc590116e8288b1b390e4b58c2c9e02b5131ce45fb20c43eca7455734f1163f7BIND 9 remote denial of service exploit.
bf5ac1c02d35423e6236ecbd930b0b74db57208c27d396facf7be2bf3dec7e95
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed