You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This module exploits a command injection vulnerability in Netflow component of PandoraFMS. The module requires set of user credentials to modify Netflow settings. Also, Netflow binaries have to present on the system.
19
+
This module exploits a command injection vulnerability in Netflow component of PandoraFMS. The module requires a set of user credentials to modify Netflow settings. Also, Netflow binaries have to present on the system.
20
20
},
21
21
'License'=>MSF_LICENSE,
22
22
'Author'=>['msutovsky-r7'],# researcher, module dev
23
23
'References'=>[
24
-
['OSVDB','12345'],
25
-
['EDB','12345'],
26
-
['URL','http://www.example.com'],
27
-
['CVE','1978-1234']
24
+
['CVE','2025-5306']
28
25
],
29
26
'Platform'=>['unix','linux'],
30
27
'Arch'=>[ARCH_CMD],
@@ -88,9 +85,9 @@ def check
88
85
89
86
vprint_status("Version #{version} detected")
90
87
91
-
returnExploit::CheckCode::Vulnerable("Vulnerable PandoraFMS version #{version} detected")unlessRex::Version.new(version) < Rex::Version.new('7.0.777.10')
88
+
returnExploit::CheckCode::Vulnerable("Vulnerable PandoraFMS version #{version} detected")ifRex::Version.new(version).between?(Rex::Version.new('7.0.774'),Rex::Version.new('7.0.777.10'))
92
89
93
-
Msf::Exploit::CheckCode::Safe('Running version is not vulnerable')
90
+
Msf::Exploit::CheckCode::Safe("Running version #{version}, which is not vulnerable")
0 commit comments