Remote code execution on ReconServer due to improper input sanitization on the prips command

Critical
DEMON1A published GHSA-fjcj-g7x8-4rp7 Jan 8, 2024

Package

ReconServer

Affected versions

0.0.8-beta

Patched versions

0.0.8

Description

Impact

Remote code execution: an attacker can execute shell commands on the server without having an admin role.

Patches

The issue is fixed in ReconServer 0.0.8. Please update to that version if you are running anything below it.

Workarounds

If you can't update, disable the prips command until you are able to update.
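
The following is an added example, not code from ReconServer or its patch: one way a command like prips can handle its argument so that user input never reaches a shell. It assumes Python and a single IPv4 CIDR argument; the function names and the `MAX_ADDRESSES` cap are hypothetical.

```python
import ipaddress
import re

# Assumed cap (hypothetical) so one request cannot exhaust memory or flood output.
MAX_ADDRESSES = 65536

# Allow-list: only characters that can appear in an IPv4 CIDR string.
_CIDR_RE = re.compile(r"[0-9.]{7,15}/[0-9]{1,2}")


class InvalidRange(ValueError):
    """Raised when user input is not an acceptable IPv4 CIDR range."""


def parse_cidr(user_input):
    """Return an IPv4Network for a strict CIDR string, or raise InvalidRange."""
    # fullmatch rejects anything outside the allow-list, including spaces,
    # newlines and shell metacharacters, before any parsing happens.
    if not isinstance(user_input, str) or not _CIDR_RE.fullmatch(user_input):
        raise InvalidRange("expected an IPv4 CIDR such as 192.0.2.0/30")
    try:
        # strict=False normalises host bits: 192.0.2.5/30 becomes 192.0.2.4/30.
        network = ipaddress.IPv4Network(user_input, strict=False)
    except ValueError as exc:  # bad octet or prefix length
        raise InvalidRange(str(exc)) from exc
    if network.num_addresses > MAX_ADDRESSES:
        raise InvalidRange("range too large")
    return network


def expand_range(user_input):
    """Expand the range in-process; no shell or external binary sees the input."""
    return [str(addr) for addr in parse_cidr(user_input)]


def prips_argv(user_input):
    """Argument vector for callers that still run the prips binary.

    Pass the result to subprocess.run(argv, shell=False); the only
    user-derived element is the re-serialised, validated network.
    """
    return ["prips", str(parse_cidr(user_input))]


if __name__ == "__main__":
    # Constructed sample inputs: one valid range, one with trailing shell syntax.
    for sample in ("192.0.2.0/30", "192.0.2.0/30; id"):
        try:
            print(sample, "->", expand_range(sample))
        except InvalidRange as err:
            print(sample, "-> rejected:", err)
```
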

References

#23
f9cb0f6

Severity

Critical

CVE ID

CVE-2024-21663
