Add Privilege Escalation Module for Cisco Prime Infrastructure's runrshell Executable #11960
This modules exploits a vulnerability in Cisco Prime Infrastructure's runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root. It was originally discovered by Pedro Ribeiro, and chained in the CVE-2018-15379 exploit. I also saw this being used again in Steven Seeley's CPI HealthMonitor exploit's writeup.
Cisco Prime Infrastructure 3.4.0 (or prior) is needed, and make sure have the following to set up the VM image:
Jun 19, 2019
The Cisco Prime Infrastructure Runshell Privilege Escalation module exploits a vulnerability in the runrshell binary. The runrshell binary is intended to execute a shell script as root, but you can abuse it to inject extra commands in the argument and execute anything as root.