New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add more ranks #8335
Add more ranks #8335
Conversation
3283b82
to
daba88c
Compare
|
58220d9
to
06b9500
Compare
../vmware_mount.rb Rank = Excellent Exploit uses check code for target availability, the vulnerability does not require user action, and the exploit uses privilege escalation to run arbitrary executables ../movabletype_upgrade_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../uptime_file_upload_2.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../zpanel_information_disclosure_rce.rb Rank = ExcellentRanking Exploit allows remote code execution, implements version check for pChart ../spip_connect_exec.rb Rank = ExcellentRanking Exploit utilizes code injection, has a check for availability ../wp_optimizepress_upload.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../wing_ftp_admin_exec.rb Rank = ExcellentRanking Exploit allows execution of arbitrary commands, has a check for availability ../novell_mdm_lfi.rb Rank = ExcellentRanking Exploit allows execution of arbitrary code, has a check for availability ../run_as.rb Rank = ExcellentRanking Exploit utilizes command injection, checks system type, and does not require user action
06b9500
to
88bef00
Compare
Thanks @wvu-r7 ! I've changed Do tell me if there are any other inaccuracies! |
Thanks for doing this. I was trying to finish them the other day but didn't have the motivation to finish, lol. |
Release NotesModule rank warnings have been removed from |
This PR hopes to resolve the last few missing module rankings as per #7923
I've also included a few lines of justification for each ranking - these ones seem a little less cut and dry than the previous set, so please do tell me if I've misinterpreted something!
../vmware_mount.rb
Rank = Excellent
Exploit uses check code for target availability,
the vulnerability does not require user action,
and the exploit uses privilege escalation to run
arbitrary executables
../movabletype_upgrade_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability
../uptime_file_upload_2.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability
../zpanel_information_disclosure_rce.rb
Rank = ExcellentRanking
Exploit allows remote code execution,
implements version check for pChart
../spip_connect_exec.rb
Rank = ExcellentRanking
Exploit utilizes code injection,
has a check for availability
../wp_optimizepress_upload.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability
../wing_ftp_admin_exec.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary commands,
has a check for availability
../novell_mdm_lfi.rb
Rank = ExcellentRanking
Exploit allows execution of arbitrary code,
has a check for availability
../run_as.rb
Rank = ExcellentRanking
Exploit utilizes command injection,
checks system type, and does not require user action
Verification