exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution https://packetstormsecurity.com/files/138194/samsung_security_manager_put.rb.txt https://packetstormsecurity.com/files/138194/samsung_security_manager_put.rb.txt https://packetstormsecurity.com/files/138194/Samsung-Security-Manager-1.5-ActiveMQ-Broker-Service-PUT-Method-Remote-Code-Execution.html Sat, 06 Aug 2016 00:00:23 GMT This is an exploit against Samsung Security Manager that bypasses the patch in CVE-2015-3435 by exploiting the vulnerability against the client side. This exploit has been tested successfully against IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerable PUT. Finally, a traversal is used in the PUT request to upload the code just where we want it and gain Remote Code Execution as SYSTEM.

Related Files

No related files
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close