Edgarloyola/CVE-2021-40904
CVE-2021-40904 - RCE via the DokuWiki application embedded in Checkmk

Application: Checkmk management web console

Software revision: 1.5.0 to 1.5.0p25 (Raw Edition)

Attack type: Remote code execution (RCE)

Solution: Upgrade to version 1.6 or later.

Summary: The web management console of Checkmk Raw Edition (versions 1.5.0 to 1.5.0p25) ships DokuWiki by default, and the embedded DokuWiki can be misconfigured so that PHP code embedded in wiki pages is executed. As a result, remote code execution on the Checkmk host is achieved. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user holding the administrator role.
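The two checks a defender wants from this advisory are a version test against the affected range and a look at whether the embedded DokuWiki actually has PHP embedding switched on. The Python below is an added example written for this page, not code from the repository or from Checkmk. It assumes the usual Checkmk version syntax (`1.5.0`, `1.5.0p25`, `1.6.0b3`, optionally with an edition suffix such as `.cre`), and it assumes that the DokuWiki setting behind the "embedded PHP" misconfiguration is DokuWiki's own `phpok` switch in `conf/local.php`; the advisory does not name the setting, so treat that mapping as an assumption. The two `local.php` bodies are constructed samples.

```python
import re
from typing import Dict, Optional, Tuple

# Affected range stated in the advisory: Checkmk Raw Edition 1.5.0 through 1.5.0p25.
# Tuple layout: (major, minor, patch, stage, n), stage 0 = beta ("bN"), 1 = release ("pN" or none),
# so betas sort before the release and patch levels sort after it.
AFFECTED_MIN = (1, 5, 0, 1, 0)    # 1.5.0
AFFECTED_MAX = (1, 5, 0, 1, 25)   # 1.5.0p25

# Assumed Checkmk version syntax; anything else is rejected rather than guessed.
_VERSION_RE = re.compile(
    r"^(\d+)\.(\d+)\.(\d+)(?:([pb])(\d+))?(?:\.(cre|cee|cme))?$"
)


def parse_checkmk_version(text: str) -> Optional[Tuple[Tuple[int, int, int, int, int], Optional[str]]]:
    """Return ((major, minor, patch, stage, n), edition) or None if the string is not understood."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch, kind, num, edition = m.groups()
    stage = 0 if kind == "b" else 1
    return (int(major), int(minor), int(patch), stage, int(num or 0)), edition


def is_affected(version: str) -> bool:
    """True when the version falls inside 1.5.0 .. 1.5.0p25 (the advisory names only the Raw Edition)."""
    parsed = parse_checkmk_version(version)
    if parsed is None:
        raise ValueError(f"unrecognised Checkmk version string: {version!r}")
    v, _edition = parsed
    return AFFECTED_MIN <= v <= AFFECTED_MAX


# A DokuWiki conf/local.php assignment looks like:  $conf['phpok'] = 1;
_CONF_RE = re.compile(r"""^\s*\$conf\[\s*['"](\w+)['"]\s*\]\s*=\s*(.+?)\s*;""")


def dokuwiki_conf_values(local_php: str) -> Dict[str, str]:
    """Collect $conf[...] assignments from a local.php body, skipping commented-out lines."""
    values: Dict[str, str] = {}
    for line in local_php.splitlines():
        stripped = line.strip()
        if stripped.startswith(("//", "#", "*", "/*")):
            continue
        m = _CONF_RE.match(line)
        if m:
            values[m.group(1)] = m.group(2)   # later assignments win, as in PHP
    return values


def _php_truthy(raw: str) -> bool:
    v = raw.strip().strip("'\"").lower()
    return v not in ("", "0", "false", "null")


def dokuwiki_php_embedding_enabled(local_php: str) -> bool:
    """True when 'phpok' (assumed to be the relevant DokuWiki switch) is turned on."""
    return _php_truthy(dokuwiki_conf_values(local_php).get("phpok", "0"))


# Constructed sample: PHP embedding off (DokuWiki's default).
SAMPLE_LOCAL_PHP_HARDENED = """<?php
$conf['title'] = 'Checkmk wiki';
$conf['phpok'] = 0;
"""

# Constructed sample: the old value is commented out and PHP embedding is switched on.
SAMPLE_LOCAL_PHP_WEAK = """<?php
$conf['title'] = 'Checkmk wiki';
// $conf['phpok'] = 0;
$conf['phpok'] = 1;
"""


if __name__ == "__main__":
    for v in ("1.5.0", "1.5.0p25", "1.5.0p12.cre", "1.6.0", "1.5.0b1"):
        print(f"{v:14} affected={is_affected(v)}")
    print("hardened local.php phpok enabled:", dokuwiki_php_embedding_enabled(SAMPLE_LOCAL_PHP_HARDENED))
    print("weak local.php phpok enabled:    ", dokuwiki_php_embedding_enabled(SAMPLE_LOCAL_PHP_WEAK))
```

On a live site the version string comes from `omd version` or the console footer, and the DokuWiki configuration lives under the site's DokuWiki `conf/` directory; the config parser here only handles the plain `$conf['key'] = value;` form and deliberately ignores commented-out lines so that a disabled setting left in a comment is not mistaken for an active one.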

Technical Description: See CVE-2021-40904

Timeline:

  • 2021-09-01 Issue discovered.
  • 2021-09-06 First contact with the vendor via e-mail.
  • 2021-09-08 Vendor response: the RCE issue was already known and a fix was already available in later versions.
  • 2022-03-25 Public disclosure.

Reference:

DEMO

PoC checkmk version 1.5.0p25 Raw Edition

RCE Dokuwiki
