Source |
Securifera |
Identifiant |
2853869 |
Date de publication |
2021-05-28 19:56:28 (vue: 2021-05-28 20:05:06) |
Titre |
MesaLabs AmegaView: Information Disclosure to RCE |
Texte |
During a recent assessment, I discovered multiple vulnerabilities in the MesaLabs AmegaView Continous Monitoring Software. The vulnerabilities include command injection (CVE-2021-27447, CVE-2021-27449), improper authentication (CVE-2021-27451), authentication bypass (CVE-2021-27453), and privilege escalation (CVE-2021-27445). In this blog post, I will go over the vulnerabilities and how they were discovered. Recon During assessments, we [...] |
Envoyé |
Oui |
Condensat |
2021 27445 27447 27449 27451 27453 amegaview amegaview: assessment assessments authentication blog bypass command continous cve disclosure discovered during escalation how improper include information injection mesalabs monitoring multiple over post privilege rce recent recon software vulnerabilities will |
Tags |
|
Stories |
|
Notes |
|
Move |
|