CVE-2018-1000049
CVE-2018-1000049
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.
Productos afectados
n/a · n/aPoCs públicas encontradas — 6
cve_referencepacketstormsecurity.com/files/147678/Nanopool-Claymore-Dual-Miner-7.3-Remote-Code-Execution.htmlno verificadocve_referencepacketstormsecurity.com/files/148578/Nanopool-Claymore-Dual-Miner-APIs-Remote-Code-Execution.htmlno verificadocve_referencewww.exploit-db.com/exploits/44638/no verificadocve_referencewww.exploit-db.com/exploits/45044/no verificadoexploitdbwww.exploit-db.com/exploits/45044no verificadoexploitdbwww.exploit-db.com/exploits/44638no verificado⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://packetstormsecurity.com/files/147678/Nanopool-Claymore-Dual-Miner-7.3-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/148578/Nanopool-Claymore-Dual-Miner-APIs-Remote-Code-Execution.htmlhttps://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2018/1000xxx/CVE-2018-1000049.jsonhttps://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Executionhttps://reversebrain.github.io/2018/02/01/Claymore-Dual-Miner-Remote-Code-Execution/https://twitter.com/ReverseBrain/status/951850534985662464https://www.exploit-db.com/exploits/44638/https://www.exploit-db.com/exploits/45044/http://www.rapid7.com/db/modules/exploit/multi/misc/claymore_dual_miner_remote_manager_rce