CVE-2020-28949 is a vulnerability which affects the Archive_Tar plugin of the PEAR PHP development framework and is caused by Archive_Tar’s lack of validation of file stream wrappers contained within filenames, which for allows the writing of an arbitrary file containing user controlled content to an arbitrary location on disk. PEAR Archive_Tar < 1.4.11 Arbitrary File WriteĮxploits/multi/fileformat/archive_tar_arb_file_write has been added by gwillcox-r7, which adds support for CVE-2020-28949. More information about this exploit can be found here. National Security Agency’s list of vulnerabilities known to be exploited by Chinese state-sponsored threat actors. This exploit has been included on the U.S.
MDM helps organizations manage and control all employees’ devices, requiring it to be publicly reachable to synchronize devices, making this an appealing target.
Our very own wvu-r7 has added exploits/linux/http/mobileiron_mdm_hessian_rce, which exploits an ACL bypass in MobileIron MDM products to execute a Java deserialization attack using a Groovy gadget against a Hessian based endpoint. MobileIron MDM Hessian-Based Java Deserialization RCE