CVE-2014-3927: remote command injection to router's console via "argument" parameter #1

Closed
lucab opened this issue Jun 11, 2014 · 1 comment

@lucab commented Jun 11, 2014

At mrlg-lib.php:120, the "argument" parameter is escaped against HTML injection. However, it is passed directly as the last argument for the router command line.

Newline or command separators won't be escaped and can be injected to execute multiple commands on router's console.

cc @emdel for credits

infrastation self-assigned this Jun 11, 2014

infrastation added a commit that referenced this issue Jun 11, 2014

add input argument check (CVE-2014-3927) (GH #1)
Protect against newlines and likes by explicitly allowing only
legitimate characters.
@infrastation (Owner) commented Jun 11, 2014

Release 1.0.8 fixes this issue, thank you for the report!
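
The gap reported in this issue and the allowlist approach named in the commit message, as an added example that is not the project's own code: HTML escaping leaves newlines and command separators intact, while a fully anchored allowlist rejects them. The function names, the base command and the allowed character set (characters of an IP address, prefix or hostname) are assumptions for illustration.

```php
<?php
// Added example, not code from mrlg-lib.php. All names and the allowed
// character set below are assumptions made for illustration.

// HTML escaping protects the rendered page only. It rewrites & < > " '
// and leaves newlines, ';' and '|' exactly as they were.
function html_escape_only(string $argument): string
{
    return htmlspecialchars($argument, ENT_QUOTES, 'UTF-8');
}

// Allowlist check: accept only characters that can occur in an IP address,
// a prefix or a hostname. \A and \z anchor the whole string; a plain '$'
// would also match just before a trailing newline and let it through.
function is_legitimate_argument(string $argument): bool
{
    return preg_match('/\A[A-Za-z0-9.:\/_-]{1,255}\z/', $argument) === 1;
}

// Build the console line only after the argument has passed the allowlist.
function build_router_command(string $base, string $argument): string
{
    if (!is_legitimate_argument($argument)) {
        throw new InvalidArgumentException('argument has characters outside the allowlist');
    }
    return $base . ' ' . $argument;
}

// Constructed sample inputs, not taken from the report.
$samples = [
    '192.0.2.1',
    '2001:db8::/32',
    "192.0.2.1\nsecond-command",
    '192.0.2.1; second-command',
    "192.0.2.1\n",
];

foreach ($samples as $sample) {
    $unchanged = html_escape_only($sample) === $sample ? 'yes' : 'no';
    try {
        $result = 'accepted: ' . build_router_command('show ip bgp', $sample);
    } catch (InvalidArgumentException $e) {
        $result = 'rejected';
    }
    printf("%-32s unchanged by HTML escaping: %-3s %s\n",
        json_encode($sample), $unchanged, $result);
}
```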
