HTTP Server File upload leads to Code Execution #52

Open
feric opened this issue Jun 19, 2022 · 2 comments

feric commented Jun 19, 2022

Through the File upload feature, it is possible to replace .sh files on the device with malicious content, leading to the execution of OS commands on the device as the root user.

The vulnerability is described at the URL below:
https://github.com/feric/Findings/tree/main/Hiby/Web%20Server/File%20uploading

This finding was found in firmware 1.5; however, it is still present in the latest 1.7 firmware for the R3 Pro Saber.
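
A defensive sketch of the destination check whose absence this report describes, added here as an example; it is not code from the firmware, from this repository, or from the reporter. It assumes uploads are meant to land under one media directory; `upload_root`, `requested_path`, and the extension allowlist are hypothetical.

```python
import os

# Assumed policy for this sketch: the upload feature accepts media files only.
ALLOWED_EXTENSIONS = {".mp3", ".flac", ".wav", ".m3u"}


class UploadRejected(Exception):
    """Raised when an upload request violates the destination policy."""


def resolve_upload_target(upload_root, requested_path):
    """Return the absolute destination for an upload, or raise UploadRejected.

    upload_root is the only directory the server may write into;
    requested_path is the client-supplied path or filename (both hypothetical).
    """
    root = os.path.realpath(upload_root)
    # Treat the client path as relative to the root even if it starts with "/".
    candidate = os.path.realpath(os.path.join(root, requested_path.lstrip("/\\")))
    # realpath() collapses ".." and follows symlinks, so both are caught here.
    if os.path.commonpath([root, candidate]) != root:
        raise UploadRejected("destination escapes the upload root")
    if candidate == root:
        raise UploadRejected("no filename given")
    ext = os.path.splitext(candidate)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        # Blocks replacing or planting .sh files (or anything non-media).
        raise UploadRejected("file type %r is not accepted" % ext)
    return candidate


def store_upload(upload_root, requested_path, data):
    """Write data to the validated destination, never with execute permission."""
    target = resolve_upload_target(upload_root, requested_path)
    os.makedirs(os.path.dirname(target), exist_ok=True)
    # O_NOFOLLOW refuses a symlink swapped in as the final path component.
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
    fd = os.open(target, flags, 0o644)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target
```

Running the HTTP server as an unprivileged user, rather than root, limits the impact if a check like this is bypassed.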

vext01 added bug Hiby R3 Pro Series Security labels Jun 28, 2022

vext01 (Owner) commented Jun 28, 2022

🤦

vext01 (Owner) commented Jun 28, 2022

Are you able to start sshd?
