All FLIR AX8 thermal sensor cameras versions up to and including 1.46.16 are vulnerable to remote command injection. This can be exploited to inject and execute arbitrary shell commands as the root user through the id HTTP POST parameter in the res.php endpoint. This module uses the vulnerability to upload and execute payloads gaining root privileges.
a321cd3e8960e684cbab1cd82bb0f9be0cda474af87c57e7f89fa9aaa83b6bcaFLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities.
d4b0fa3d39bb7d9eb67520d399557821deb5682ab4e0f91e473b5af510fec4d7OctoBot WebInterface version 0.4.3 suffers from a remote code execution vulnerability.
e44b74ee9184e1f4fa497f4876744c69864ed4d789de8a18313422be9a4ad1c5Sashimi Evil OctoBot Tentacle is a python script that exploits a vulnerability that lies in the Tentacles upload functionality of the cryptocurrency trading bot OctoBot which is designed to be easy to use and customizable. Versions 0.4.0beta3 through 0.4.3 are affected.
67657fcc4e1e91fdf6687effb98e5e02419480dc043b1f499700a2140f08b47b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed