CVSS: 10.0 • EPSS: 20% • CPEs: 3 • EXPL: 3

SQL injection vulnerability in the LoginServlet page in SolarWinds Storage Manager before 5.1.2, SolarWinds Storage Profiler before 5.1.2, and SolarWinds Backup Profiler before 5.1.2 allows remote attackers to execute arbitrary SQL commands via the loginName field.

• https://www.exploit-db.com/exploits/18818
• http://www.exploit-db.com/exploits/18818
• http://www.exploit-db.com/exploits/18833
• http://www.securityfocus.com/bid/51639
• http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/vulnerability.htm
• https://exchange.xforce.ibmcloud.com/vulnerabilities/72680
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 10.0 • EPSS: 33% • CPEs: 1 • EXPL: 0

ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ProcessFileUpload.jsp within the handling of file uploads. The issue lies in the failure to sanitize the files uploaded, allowing them to be placed within directories accessible through the service.

• http://www.solarwinds.com/documentation/srm/docs/releasenotes/releasenotes.htm
• http://www.zerodayinitiative.com/advisories/ZDI-15-460
• CWE-20: Improper Input Validation

CVSS: 10.0 • EPSS: 97% • CPEs: 1 • EXPL: 1

The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and execute arbitrary scripts via unspecified vectors.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AuthenticationFilter class. The issue lies in the ability to subvert the authentication filter.

• http://www.securityfocus.com/bid/75515
• http://www.zerodayinitiative.com/advisories/ZDI-15-275
• https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/solarwinds_store_manager_auth_filter.rb