elbae

4 exploits Active since Jul 2020
CVE-2020-15920 METASPLOIT CRITICAL ruby WORKING POC
Mida eFramework <= 2.9.0 - Unauthenticated Remote Code Execution via OS Command Injection
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
CVSS 9.8
CVE-2020-15920 EXPLOITDB CRITICAL python WORKING POC
Mida eFramework <= 2.9.0 - Unauthenticated Remote Code Execution via OS Command Injection
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
CVSS 9.8
CVE-2020-15922 EXPLOITDB CRITICAL python WORKING POC
Mida eFramework < 2.9.0 - Authenticated Remote Code Execution via OS Command Injection
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
CVSS 9.8
CVE-2020-15921 EXPLOITDB CRITICAL python WORKING POC
Mida eFramework < 2.9.0 - Unauthenticated Backdoor Access and Code Execution
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
CVSS 9.8