CVE-2015-2863
EXPLOITED NUCLEIKaseya Virtual System Administrator 7.x < 7.0.0.29, 8.x < 8.0.0.18, 9.0 < 9.0.0.14, 9.1 < 9.1.0.4 - Open Redirect
Title source: llmExploitation Summary
CVE-2015-2863 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Pedro Ribeiro. A Nuclei detection template is also available.
AI-analyzed exploit summary The document describes two vulnerabilities in Kaseya Virtual System Administrator: an authenticated arbitrary file download (CVE-2015-2862) and an unauthenticated open redirect (CVE-2015-2863). It includes technical details, affected versions, and mitigation steps but does not contain executable exploit code.
Description
Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Exploits (1)
The document describes two vulnerabilities in Kaseya Virtual System Administrator: an authenticated arbitrary file download (CVE-2015-2862) and an unauthenticated open redirect (CVE-2015-2863). It includes technical details, affected versions, and mitigation steps but does not contain executable exploit code.