Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remote Command Execution Vulnerability #1

Closed
jeanmarc77 opened this issue Jan 9, 2022 · 2 comments
Closed

Remote Command Execution Vulnerability #1

jeanmarc77 opened this issue Jan 9, 2022 · 2 comments
Labels
help wanted Extra attention is needed

Comments

@jeanmarc77
Copy link
Owner

check https://www.exploit-db.com/exploits/50596 for details
Mabe a trick would be to have a list of allowed com apps. But, that would need to manually set another config file.
Any others hints ?
@jeanmarc77 jeanmarc77 added the help wanted Extra attention is needed label Jan 9, 2022
@jeanmarc77
Copy link
Owner Author

jeanmarc77 commented Jan 9, 2022
edited

That said admin is only available from WAN only when you've set up HTTP authentication

@jeanmarc77
Copy link
Owner Author

jeanmarc77 commented Jan 14, 2022
edited

fixed in main branch via allowed_comapps.php

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jeanmarc77