|
41983 | 41983 |
|
41984 | 41984 | ] |
41985 | 41985 | }, |
| 41986 | + "auxiliary_scanner/http/simplehelp_toolbox_path_traversal": { |
| 41987 | + "name": "SimpleHelp Path Traversal Vulnerability CVE-2024-57727", |
| 41988 | + "fullname": "auxiliary/scanner/http/simplehelp_toolbox_path_traversal", |
| 41989 | + "aliases": [ |
| 41990 | + |
| 41991 | + ], |
| 41992 | + "rank": 300, |
| 41993 | + "disclosure_date": "2025-01-12", |
| 41994 | + "type": "auxiliary", |
| 41995 | + "author": [ |
| 41996 | + "horizon3ai", |
| 41997 | + "imjdl", |
| 41998 | + "jheysel-r7" |
| 41999 | + ], |
| 42000 | + "description": "There exists a path traversal vulnerability in the /toolbox-resource endpoint that enables unauthenticated\n remote attackers to download arbitrary files from the SimpleHelp server via crafted HTTP requests", |
| 42001 | + "references": [ |
| 42002 | + "URL-https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/", |
| 42003 | + "URL-https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier", |
| 42004 | + "URL-https://rustlang.rs/posts/simple-help/", |
| 42005 | + "URL-https://attackerkb.com/topics/G4CTOrbDx0/cve-2024-57727", |
| 42006 | + "CVE-2024-57727" |
| 42007 | + ], |
| 42008 | + "platform": "", |
| 42009 | + "arch": "", |
| 42010 | + "rport": 80, |
| 42011 | + "autofilter_ports": [ |
| 42012 | + 80, |
| 42013 | + 8080, |
| 42014 | + 443, |
| 42015 | + 8000, |
| 42016 | + 8888, |
| 42017 | + 8880, |
| 42018 | + 8008, |
| 42019 | + 3000, |
| 42020 | + 8443 |
| 42021 | + ], |
| 42022 | + "autofilter_services": [ |
| 42023 | + "http", |
| 42024 | + "https" |
| 42025 | + ], |
| 42026 | + "targets": null, |
| 42027 | + "mod_time": "2025-02-24 10:26:01 +0000", |
| 42028 | + "path": "/modules/auxiliary/scanner/http/simplehelp_toolbox_path_traversal.rb", |
| 42029 | + "is_install_path": true, |
| 42030 | + "ref_name": "scanner/http/simplehelp_toolbox_path_traversal", |
| 42031 | + "check": false, |
| 42032 | + "post_auth": false, |
| 42033 | + "default_credential": false, |
| 42034 | + "notes": { |
| 42035 | + "Stability": [ |
| 42036 | + "crash-safe" |
| 42037 | + ], |
| 42038 | + "SideEffects": [ |
| 42039 | + "ioc-in-logs" |
| 42040 | + ], |
| 42041 | + "Reliability": [ |
| 42042 | + |
| 42043 | + ] |
| 42044 | + }, |
| 42045 | + "session_types": false, |
| 42046 | + "needs_cleanup": false, |
| 42047 | + "actions": [ |
| 42048 | + |
| 42049 | + ] |
| 42050 | + }, |
41986 | 42051 | "auxiliary_scanner/http/smt_ipmi_49152_exposure": { |
41987 | 42052 | "name": "Supermicro Onboard IPMI Port 49152 Sensitive File Exposure", |
41988 | 42053 | "fullname": "auxiliary/scanner/http/smt_ipmi_49152_exposure", |
|
0 commit comments