CVE-2018-1235 PoC — Dell EMC RecoverPoint和RecoverPoint for Virtual Machines 命令注入漏洞

Source

https://github.com/AbsoZed/CVE-2018-1235

Associated Vulnerability

Title:Dell EMC RecoverPoint和RecoverPoint for Virtual Machines 命令注入漏洞 (CVE-2018-1235)
Description:Dell EMC RecoverPoint和RecoverPoint for Virtual Machines都是美国戴尔（Dell）公司的产品。前者是一套灾难恢复和数据保护软件，后者是一套面向VMware环境的灾难恢复解决方案。 Dell EMC RecoverPoint 5.1.2之前版本和RecoverPoint for Virtual Machines 5.1.1.3之前版本中存在命令注入漏洞。远程攻击者可利用该漏洞以root权限在受影响的系统上执行任意命令。

Description

A python script that tests for an exploitable instance of CVE-2018-1235.

Readme

# CVE-2018-1235

A python script that tests for an exploitable instance of CVE-2018-1235.

NIST: https://nvd.nist.gov/vuln/detail/CVE-2018-1235

Usage:
./CVE-2018-1235.py -t [Target Host] -r [Your IP]

This code may be altered to actively exploit the vulnerability. Support for network scopes may be added later.

File Snapshot


 [4.0K]  /data/pocs/aef3864146d74e5eee679de664e9ecdb6fbf2728
├── [1.9K]  CVE-2018-1235.py
└── [ 313]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!