what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Nikita Abramov

Palo Alto Networks Authenticated Remote Code Execution

Posted Sep 16, 2022

Authored by UnD3sc0n0c1d0, Mikhail Klyuchnikov, jheysel-r7, Nikita Abramov | Site metasploit.com

This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS versions prior to 10.0.1, 9.1.4 and 9.0.10.

tags | exploit, arbitrary, root

advisories | CVE-2020-2038

SHA-256 | bd8da0b51bb49981c02de534b677f79ab91e97edd6c6f772d526bed01cfe7f69

Download | Favorite | View

Cisco HyperFlex HX Data Platform File Upload / Remote Code Execution

Posted Jun 17, 2021

Authored by wvu, Mikhail Klyuchnikov, jheysel-r7, Nikita Abramov | Site metasploit.com

This Metasploit module exploits an unauthenticated file upload vulnerability in Cisco HyperFlex HX Data Platform's /upload endpoint to upload and execute a payload as the Tomcat user.

tags | exploit, file upload

systems | cisco

advisories | CVE-2021-1499

SHA-256 | f5c93c1dbb7c46d018f80b02b7e8b65d92e05da4eaa8f1ef27222f385aefb954

Download | Favorite | View

Cisco HyperFlex HX Data Platform Command Execution

Posted Jun 4, 2021

Authored by wvu, Mikhail Klyuchnikov, Nikita Abramov | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection in Cisco HyperFlex HX Data Platform's /storfs-asup endpoint to execute shell commands as the Tomcat user.

tags | exploit, shell

systems | cisco

advisories | CVE-2021-1497, CVE-2021-1498

SHA-256 | 0a1aa0b824e15e84195c2385f8bf0e7dc95224435e2865997906be79faf81ba6

Download | Favorite | View