9

CVE-2020-12078

Exploit
An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpmantekOpen-audit Version3.3.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10% 0.95
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

http://packetstormsecurity.com/files/157477/Open-AudIT-Professional-3.3.1-Remote-Code-Execution.html
Third Party Advisory
Exploit
VDB Entry
https://gist.github.com/mhaskar/dca62d0f0facc13f6364b8ed88d5a7fd
Third Party Advisory
Exploit
https://github.com/Opmantek/open-audit/commit/6ffc7f9032c55eaa1c37cf5e070809b7211c7e9a
Patch
Third Party Advisory
https://shells.systems/open-audit-v3-3-1-remote-command-execution-cve-2020-12078/
Third Party Advisory
Exploit