module
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
| Disclosed | Created |
|---|---|
| 2013-01-18 | 2018-05-30 |
Disclosed
2013-01-18
Created
2018-05-30
Description
This module exploits a flaw within the Device Manager (rrobtd.exe). When parsing the 0x75
command, the process does not properly filter user supplied input allowing for arbitrary
command injection. This module has been tested successfully on EMC AlphaStor 4.0 build 116
with Windows 2003 SP2 and Windows 2008 R2.
command, the process does not properly filter user supplied input allowing for arbitrary
command injection. This module has been tested successfully on EMC AlphaStor 4.0 build 116
with Windows 2003 SP2 and Windows 2008 R2.
Authors
Anyway Aniway.Anyway@gmail.com
Preston Thornburn prestonthornburg@gmail.com
Mohsan Farid faridms@gmail.com
Brent Morris inkrypto@gmail.com
juan vazquez juan.vazquez@metasploit.com
Preston Thornburn prestonthornburg@gmail.com
Mohsan Farid faridms@gmail.com
Brent Morris inkrypto@gmail.com
juan vazquez juan.vazquez@metasploit.com
Platform
Windows
Architectures
x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.