|
87350 | 87350 |
|
87351 | 87351 | ] |
87352 | 87352 | }, |
| 87353 | + "exploit_linux/local/progress_flowmon_sudo_privesc_2024": { |
| 87354 | + "name": "Progress Flowmon Local sudo privilege escalation", |
| 87355 | + "fullname": "exploit/linux/local/progress_flowmon_sudo_privesc_2024", |
| 87356 | + "aliases": [ |
| 87357 | + |
| 87358 | + ], |
| 87359 | + "rank": 600, |
| 87360 | + "disclosure_date": "2024-03-19", |
| 87361 | + "type": "exploit", |
| 87362 | + "author": [ |
| 87363 | + "Dave Yesland with Rhino Security Labs" |
| 87364 | + ], |
| 87365 | + "description": "This module abuses a feature of the sudo command on Progress Flowmon.\n Certain binary files are allowed to automatically elevate\n with the sudo command. This is based off of the file name. This\n includes executing a PHP command with a specific file name. If the\n file is overwritten with PHP code it can be used to elevate privileges\n to root. Progress Flowmon up to at least version 12.3.5 is vulnerable.", |
| 87366 | + "references": [ |
| 87367 | + "URL-https://rhinosecuritylabs.com/research/cve-2024-2389-in-progress-flowmon/", |
| 87368 | + "URL-https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability" |
| 87369 | + ], |
| 87370 | + "platform": "Linux,Unix", |
| 87371 | + "arch": "x86, x64", |
| 87372 | + "rport": null, |
| 87373 | + "autofilter_ports": [ |
| 87374 | + |
| 87375 | + ], |
| 87376 | + "autofilter_services": [ |
| 87377 | + |
| 87378 | + ], |
| 87379 | + "targets": [ |
| 87380 | + "Automatic" |
| 87381 | + ], |
| 87382 | + "mod_time": "2024-05-29 08:39:06 +0000", |
| 87383 | + "path": "/modules/exploits/linux/local/progress_flowmon_sudo_privesc_2024.rb", |
| 87384 | + "is_install_path": true, |
| 87385 | + "ref_name": "linux/local/progress_flowmon_sudo_privesc_2024", |
| 87386 | + "check": true, |
| 87387 | + "post_auth": false, |
| 87388 | + "default_credential": false, |
| 87389 | + "notes": { |
| 87390 | + "Stability": [ |
| 87391 | + "crash-safe" |
| 87392 | + ], |
| 87393 | + "SideEffects": [ |
| 87394 | + "ioc-in-logs", |
| 87395 | + "artifacts-on-disk" |
| 87396 | + ], |
| 87397 | + "Reliability": [ |
| 87398 | + "repeatable-session" |
| 87399 | + ] |
| 87400 | + }, |
| 87401 | + "session_types": [ |
| 87402 | + "shell", |
| 87403 | + "meterpreter" |
| 87404 | + ], |
| 87405 | + "needs_cleanup": true, |
| 87406 | + "actions": [ |
| 87407 | + |
| 87408 | + ] |
| 87409 | + }, |
87353 | 87410 | "exploit_linux/local/progress_kemp_loadmaster_sudo_privesc_2024": { |
87354 | 87411 | "name": "Kemp LoadMaster Local sudo privilege escalation", |
87355 | 87412 | "fullname": "exploit/linux/local/progress_kemp_loadmaster_sudo_privesc_2024", |
|
0 commit comments