github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-10-09 04:26:11 +02:00
Code Releases Activity

automatic module_metadata_base.json update

Browse Source
This commit is contained in:
Metasploit 2022-02-08 12:48:04 -06:00
parent bed067dda0
commit 4130c61a14
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
db/modules_metadata_base.json
View File

@ -60575,11 +60575,11 @@
"session_types": false,
"needs_cleanup": null
},
"exploit_linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec": {
"name": "Grandstream GXV3175 'settimezone' Unauthenticated Command Execution",
"fullname": "exploit/linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec",
"exploit_linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec": {
"name": "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution",
"fullname": "exploit/linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec",
"aliases": [
"exploit/linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec"
],
"rank": 500,
"disclosure_date": "2016-09-01",
@ -60589,14 +60589,14 @@
"Brendan Scarvell",
"bcoles <bcoles@gmail.com>"
],
"description": "This module exploits a command injection vulnerability in Grandstream GXV3175\n IP multimedia phones. The 'settimezone' action does not validate input in the\n 'timezone' parameter allowing injection of arbitrary commands.\n\n A buffer overflow in the 'phonecookie' cookie parsing allows authentication\n to be bypassed by providing an alphanumeric cookie 93 characters in length.\n\n This module was tested successfully on Grandstream GXV3175v2\n hardware revision V2.6A with firmware version 1.0.1.19.",
"description": "This module exploits a command injection vulnerability in Grandstream GXV31XX\n IP multimedia phones. The 'settimezone' action does not validate input in the\n 'timezone' parameter allowing injection of arbitrary commands.\n\n A buffer overflow in the 'phonecookie' cookie parsing allows authentication\n to be bypassed by providing an alphanumeric cookie 93 characters in length.\n\n This module was tested successfully on Grandstream models:\n GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19; and\n GXV3140 hardware revision V0.4B with firmware version 1.0.1.27.",
"references": [
"CVE-2019-10655",
"URL-https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920",
"URL-https://github.com/dirtyfilthy/gxv3175-remote-code-exec/blob/master/modules/exploits/linux/http/grandstream_gxv3175_cmd_exec.rb"
],
"platform": "Linux",
"arch": "armle",
"platform": "Linux,Unix",
"arch": "",
"rport": 80,
"autofilter_ports": [
80,
@ -60614,12 +60614,13 @@
"https"
],
"targets": [
"Automatic"
"Linux (cmd)",
"Linux (ARMLE)"
],
"mod_time": "2022-01-19 00:04:15 +0000",
"path": "/modules/exploits/linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec.rb",
"mod_time": "2022-01-29 19:38:57 +0000",
"path": "/modules/exploits/linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec.rb",
"is_install_path": true,
"ref_name": "linux/http/grandstream_gxv3175_settimezone_unauth_cmd_exec",
"ref_name": "linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec",
"check": true,
"post_auth": false,
"default_credential": false,