This module exploits a server-side include vulnerability present in CreateChildControls of the Microsoft.SharePoint.WebPartPages.DataFormWebPart class of Microsoft SharePoint Server to deploy an agent. The deployed agent will run with the SharePoint Server service account privileges.
This module exploits an OS command injection vulnerability in Pydio Cells. The lack of sanitisation for the input of the mailer configuration could be exploited to allow an authenticated attacker to run remote code on the underlying operating system and deploy an agent.
This module exploits a directory traversal vulnerability in F5 BIG-IP Traffic Management User Interface (TMUI). The failure in URL parsing between Apache and Java (Tomcat) allows a directory traversal to access the tmshCmd.jsp page. This page allows an authenticated user to execute commands, but by using the mentioned vulnerability an unauthenticated attacker can run remote code on the underlying operating system and deploy an agent.
The 'recentVersion' explude_ip parameter in the discoveries endpoint is vulnerable to OS command injection. This module exploits this vulnerability in order to install an agent.
This module exploits an OS command injection vulnerability in Artica Pandora FMS. The lack of sanitisation for the input of the Events function could be exploited to allow an authenticated attacker to run remote code on the underlying operating system and deploy an agent.
This module exploits a deserialization vulnerability present in the BrowserNavigationCorrector class of Microsoft SQL Server Reporting Services to deploy an agent. The deployed agent will run with the Report Server service account privileges.
This module exploits a deserialization vulnerability in the Microsoft Exchange Control Panel. The lack of randomization in the validationKey and decryptionKey values allows an attacker to create a crafted viewstate to execute OS commands and deploy an agent. The deployed agent will run with SYSTEM privileges.
This module exploits an OS command injection vulnerability in Kinetica. The lack of sanitisation for the input of the getLogs function could be exploited to allow an authenticated attacker to run remote code on the underlying operating system and deploy an agent.
This module exploits an unauthenticated OS command injection vulnerability in rConfig using the rootUname parameter present in ajaxServerSettingsChk.php. Also, this module exploits an authenticated OS command injection vulnerability using the catCommand parameter present in search.crud.php.
This module exploits a JavaScript command injection vulnerability in Kibana, in the Timelion application.