CVE-2015-6922
CVE-2015-6922
Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers to bypass authentication and (1) add an administrative account via crafted request to LocalAuth/setAccount.aspx or (2) write to and execute arbitrary files via a full pathname in the PathData parameter to ConfigTab/uploader.aspx.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 4
cve_referencepacketstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.htmlnão verificadocve_referencewww.exploit-db.com/exploits/38351/não verificadoexploitdbwww.exploit-db.com/exploits/38351não verificadoexploitdbwww.exploit-db.com/exploits/38401não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/133782/Kaseya-Virtual-System-Administrator-Code-Execution-Privilege-Escalation.htmlhttps://helpdesk.kaseya.com/entries/96164487--Kaseya-Security-Advisoryhttps://www.exploit-db.com/exploits/38351/http://www.zerodayinitiative.com/advisories/ZDI-15-448http://www.zerodayinitiative.com/advisories/ZDI-15-449