Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2018-17431

Description

Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.

POC

Reference

- http://packetstormsecurity.com/files/159246/Comodo-Unified-Threat-Management-Web-Console-2.7.0-Remote-Code-Execution.html

- https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437

Github

- https://github.com/0xT11/CVE-POC

- https://github.com/20142995/nuclei-templates

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/Elsfa7-110/kenzer-templates

- https://github.com/Fadavvi/CVE-2018-17431-PoC

- https://github.com/merlinepedra/nuclei-templates

- https://github.com/merlinepedra25/nuclei-templates

- https://github.com/sanan2004/CVE-2018-17431-Comodo

- https://github.com/sobinge/nuclei-templates