CVE-2007-6497

Hosting Controller 6.1 Hot fix 3.3 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-6497. PoCs published by BugReport.IR.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Hosting Controller 6.1 Hot fix <= 3.3, including authentication bypass, privilege escalation, and arbitrary file upload leading to remote code execution. It provides detailed steps and HTML/JS PoC code for exploiting these flaws.

Description

Hosting Controller 6.1 Hot fix 3.3 and earlier (1) allows remote attackers to change arbitrary user profiles via a request to Hosting/Addreseller.asp with modified loginname and email parameters; and (2) allows remote authenticated users to change a credit amount and increase a discount via an UpdateUser action to Accounts/AccountActions.asp with modified UserName, FullName, CreditLimit, and DefaultDiscount parameters, a related issue to CVE-2005-2219.

Exploits (1)

exploitdb WORKING POC VERIFIED

by BugReport.IR · textwebappsasp

https://www.exploit-db.com/exploits/4730

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Hosting Controller 6.1 Hot fix <= 3.3, including authentication bypass, privilege escalation, and arbitrary file upload leading to remote code execution. It provides detailed steps and HTML/JS PoC code for exploiting these flaws.

Classification

Working Poc 95%

Attack Type

Rce | Auth Bypass | Sqli | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Hosting Controller 6.1 Hot fix <= 3.3

No auth needed

Prerequisites: Access to the target Hosting Controller web interface

MITRE ATT&CK