module
Eramba (up to 3.19.1) Authenticated Remote Code Execution Module
| Disclosed |
|---|
| Aug 1, 2023 |
Disclosed
Aug 1, 2023
Description
This module exploits a remote code execution vulnerability in Eramba.
An authenticated user can execute arbitrary commands on the server by
exploiting the path parameter in the download-test-pdf endpoint.
Eramba debug mode has to be enabled.
An authenticated user can execute arbitrary commands on the server by
exploiting the path parameter in the download-test-pdf endpoint.
Eramba debug mode has to be enabled.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.