module
Cayin CMS NTP Server RCE
| Disclosed |
|---|
| Jun 4, 2020 |
Disclosed
Jun 4, 2020
Description
This module exploits an authenticated RCE in Cayin CMS in the system_service.cgi file's ntpIp Parameter. The field is limited in size, so
repeated requests are made to achieve a larger payload.
Cayin CMS-SE is built for Ubuntu 16.04 (20.04 failed to install correctly), so the
environment should be pretty set and not dynamic between targets.
Results in root level access.
repeated requests are made to achieve a larger payload.
Cayin CMS-SE is built for Ubuntu 16.04 (20.04 failed to install correctly), so the
environment should be pretty set and not dynamic between targets.
Results in root level access.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.