.. / CVE-2018-16167

Exploit for LogonTracer <=1.2.0 - Remote Command Injection (CVE-2018-16167)

Description:

LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Nuclei Template

View the template here CVE-2018-16167.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2018/CVE-2018-16167.yaml
Copy

References:

https://jvn.jp/en/vu/JVNVU98026636/index.html
https://nvd.nist.gov/vuln/detail/CVE-2018-16167
https://github.com/ARPSyndicate/kenzer-templates
https://www.exploit-db.com/exploits/49918
https://github.com/JPCERTCC/LogonTracer/releases/tag/v1.2.1