R7-2016-06: Remote Code Execution via Swagger Parameter Injection (CVE-2016-5641) | Rapid7 Blog
Tags
attack-pattern: | Model Javascript - T1059.007 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | d152a9a9-d632-4e3f-a409-2f1bca1ee0d1 |
Fingerprint | b638b9db3cf34ee4 |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | June 23, 2016, 1:05 p.m. |
Added to db | Jan. 18, 2023, 8:47 p.m. |
Last updated | Dec. 23, 2024, 4:20 a.m. |
Headline | R7-2016-06: Remote Code Execution via Swagger Parameter Injection (CVE-2016-5641) |
Title | R7-2016-06: Remote Code Execution via Swagger Parameter Injection (CVE-2016-5641) | Rapid7 Blog |
Detected Hints/Tags/Attributes | 33/1/17 |
Source URLs
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CERT CC Vulnerability Notes Database | 1 | VU#755216 |
|
Details | CVE | 1 | cve-2016-5641 |
|
Details | Domain | 1 | swagger.io |
|
Details | Domain | 2 | smartbear.com |
|
Details | Domain | 1 | generator.swagger.io |
|
Details | Domain | 1 | editor.swagger.io |
|
Details | Domain | 1 | swaggerhub.com |
|
Details | Domain | 1 | restlet.com |
|
Details | Domain | 1 | restunited.com |
|
Details | Domain | 1 | vrest.io |
|
Details | Domain | 1 | ritc.io |
|
Details | Domain | 1 | stoplight.io |
|
Details | Domain | 1 | runscope.com |
|
Details | Domain | 1 | requestb.in |
|
Details | Domain | 1 | documentation.in |
|
Details | File | 397 | console.log |
|
Details | Url | 1 | http://requestb.in/1ftnzfy1 |