Skip to content
Home » Blog

Blog

Motu AVB Directory Traversal Vulnerability and Exploit (CVE-2020-8009)

We’ve found that MOTU AVB devices contain a directory traversal vulnerability. During testing, we were able to append characters to the end of the URL and manipulate the application to display local files. For example, when using the URL of http://<<host>>:1280/../../../../../../../../../../../../etc/passwd The application responds with the listing of the /etc/passwd file. The vendor has not…

Continue Reading Motu AVB Directory Traversal Vulnerability and Exploit (CVE-2020-8009)

SpecoWeb Directory Traversal (CVE-2021-32562)

SpecoWeb (presumably all versions or at least all versions that I have tested) is vulnerable to a directory traversal vulnerability. This vulnerability can be exploited using a browser and Burp Suite. Appending /../../../../../../../../../../../../etc/passwd at the end of a SpecoWeb URL discloses the hash values of all users. All affected instances that have been tested thus…

Continue Reading SpecoWeb Directory Traversal (CVE-2021-32562)

How to Pivot with Meterpreter and Proxychains

During an external engagement recently, I encountered a ColdFusion server was vulnerable to the BlazeDS Vulnerability which allows remote code execution. I stumbled upon the article written by Brett DeWall at WhiteOak, which has a great write up of this vulnerability and how to exploit it which can be found here https://www.whiteoaksecurity.com/2019-9-3-blazeds-java-object-deserialization-exploit-walkthrough/. I followed this write…

Continue Reading How to Pivot with Meterpreter and Proxychains