Vulnerabilities > CVE-2014-5073 - Unspecified vulnerability in Vmturbo Operations Manager 4.0/4.5/4.6
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
vmtadmin.cgi in VMTurbo Operations Manager before 4.6 build 28657 allows remote attackers to execute arbitrary commands via shell metacharacters in the fileDate parameter in a DOWN call.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution. CVE-2014-5073. Remote exploit for linux platform |
| file | exploits/linux/remote/34335.rb |
| id | EDB-ID:34335 |
| last seen | 2016-02-03 |
| modified | 2014-08-14 |
| platform | linux |
| port | 80 |
| published | 2014-08-14 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/34335/ |
| title | VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution |
| type | remote |
Metasploit
| description | VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Port binding payloads are disregarded due to the restrictive firewall settings. This module has been tested successfully on VMTurbo Operations Manager versions 4.5 and 4.6. |
| id | MSF:EXPLOIT/UNIX/HTTP/VMTURBO_VMTADMIN_EXEC_NOAUTH |
| last seen | 2020-06-07 |
| modified | 2017-07-24 |
| published | 2014-08-11 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/unix/http/vmturbo_vmtadmin_exec_noauth.rb |
| title | VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/127864/vmturbo_vmtadmin_exec_noauth.rb.txt |
| id | PACKETSTORM:127864 |
| last seen | 2016-12-05 |
| published | 2014-08-14 |
| reporter | Emilio Pinna |
| source | https://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html |
| title | VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution |
References
- http://disse.cting.org/2014/07/30/vmturbo-operation-manager-remote-command-execution/
- http://disse.cting.org/2014/07/30/vmturbo-operation-manager-remote-command-execution/
- http://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html
- http://packetstormsecurity.com/files/127864/VMTurbo-Operations-Manager-4.6-vmtadmin.cgi-Remote-Command-Execution.html
- http://secunia.com/advisories/58880
- http://secunia.com/advisories/58880
- http://secunia.com/secunia_research/2014-8/
- http://secunia.com/secunia_research/2014-8/
- http://www.exploit-db.com/exploits/34335
- http://www.exploit-db.com/exploits/34335
- http://www.osvdb.org/109572
- http://www.osvdb.org/109572
- http://www.securityfocus.com/bid/69225
- http://www.securityfocus.com/bid/69225
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95319
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95319