Vulnerability & Exploit Database

Back to search

Cisco WebEx Chrome Extension RCE (CVE-2017-3823)

This module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/windows/browser/cisco_webex_ext

Authors

  • Tavis Ormandy <taviso [at] google.com>
  • William Webb <william_webb [at] rapid7.com>

References

Targets

  • Cisco WebEx Extension 1.0.1

Platforms

  • windows

Architectures

  • x86
  • x86

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/windows/browser/cisco_webex_ext msf exploit(cisco_webex_ext) > show targets ...targets... msf exploit(cisco_webex_ext) > set TARGET <target-id> msf exploit(cisco_webex_ext) > show options ...show and set options... msf exploit(cisco_webex_ext) > exploit

Related Vulnerabilities