This module injects .so library into the remote smbd process. For this exploit to work, a writable shared directory must be available, in order to write an so library. The agent will normally run as the "nobody" user, and will have limited capabilities.
This module also know as EternalBlue exploits the ms17-010 vulnerability by taking advantage of a remote pool overflow in the smb transaction handling code of the windows smb driver.
Solarwinds LEM Management Virtual Appliance is prone to a shell escape via OS command injection which allows attackers the execution of system commands.
This module exploits an exceptional condition in "lsasrv.dll" by sending a crafted "Session Setup Request" SMBv1 or SMBv2 packet that is affected during the NTML Auth message.
Sync Breeze Enterprise is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
HP Intelligent Management Center is prone to a remote vulnerability that allows attackers to execute commands under the context of system.
Trend Micro InterScan Web Security Virtual Appliance is prone to an OS command injection which allows attackers the execution of system commands.
This module exploits a vulnerability on target via a SMB crafted packet.
DiskBoss server is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
A vulnerability exists in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. By abusing the blockip variable, an attacker can achieve remote code execution.