CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 2CVE-2021-44916 – Open-AudIT Community 4.2.0 - Cross-Site Scripting (XSS) (Authenticated)
https://notcve.org/view.php?id=CVE-2021-44916
Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a Cross Site Scripting (XSS) vulnerability. If a bad value is passed to the routine via a URL, malicious JavaScript code can be executed in the victim's browser. Opmantek Open-AudIT Community versión 4.2.0 (Corregido en versión 4.3.0) está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS). Si es pasado un valor incorrecto a la rutina por medio de una URL, puede ejecutarse código JavaScript malicioso en el navegador de la víctima Open-AudIT Community versions 4.2.0 and below suffer from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/50651 http://packetstormsecurity.com/files/165502/Open-AudIT-Community-4.2.0-Cross-Site-Scripting.html https://community.opmantek.com/display/OA/Errata+-+4.2.0+and+earlier+Javascript+vulnerability https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0 https://github.com/Opmantek/open-audit/commit/e37b64bbd0219f03cb71cc1cd5bb010166a2b846 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3130
https://notcve.org/view.php?id=CVE-2021-3130
Within the Open-AudIT up to version 3.5.3 application, the web interface hides SSH secrets, Windows passwords, and SNMP strings from users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible. Dentro de la aplicación Open-AudIT hasta la versión 3.5.3, la interfaz web oculta los secretos SSH, las contraseñas de Windows y las cadenas SNMP de los usuarios que usan la ofuscación del HTML "password field". Mediante el uso de herramientas del Desarrollador o similar, es posible cambiar la ofuscación para que las credenciales sean visibles • https://github.com/jet-pentest/CVE-2021-3130 https://opmantek.com/network-discovery-inventory-software https://raw.githubusercontent.com/B0D0B0P0T/CVE/main/CVE-2021-3130 •
CVSS: 9.0EPSS: 40%CPEs: 1EXPL: 5CVE-2020-12078 – Open-AudIT Professional 3.3.1 Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-12078
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. Se descubrió un problema en Open-AudIT versión 3.3.1. • https://github.com/mhaskar/CVE-2020-12078 https://github.com/84KaliPleXon3/CVE-2020-12078 http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html https://gist.github.com/mhaskar/dca62d0f0facc13f6364b8ed88d5a7fd https://github.com/Opmantek/open-audit/commit/6ffc7f9032c55eaa1c37cf5e070809b7211c7e9a https://shells.systems/open-audit-v3-3-1-remote-command-execution-cve-2020-12078 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 92%CPEs: 8EXPL: 10CVE-2020-8813 – Cacti 1.2.8 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2020-8813
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege. El archivo graph_realtime.php en Cacti versión 1.2.8, permite a atacantes remotos ejecutar comandos arbitrarios de Sistema Operativo por medio de metacaracteres de shell en una cookie, si un usuario invitado posee el privilegio graph real-time. graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege. • https://www.exploit-db.com/exploits/48145 https://www.exploit-db.com/exploits/48144 https://github.com/mhaskar/CVE-2020-8813 https://github.com/p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime https://github.com/hexcowboy/CVE-2020-8813 https://github.com/0xm4ud/Cacti-CVE-2020-8813 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html http://packetstormsecurity.com/files/156537/Cacti- • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •