module
Froxlor Log Path RCE
| Disclosed | Created |
|---|---|
| 2023-01-29 | 2023-02-22 |
Disclosed
2023-01-29
Created
2023-02-22
Description
Froxlor v2.0.7 and below suffer from a bug that allows authenticated users to change the application logs path
to any directory on the OS level which the user www-data can write without restrictions from the backend which
leads to writing a malicious Twig template that the application will render. That will lead to achieving a
remote command execution under the user www-data.
to any directory on the OS level which the user www-data can write without restrictions from the backend which
leads to writing a malicious Twig template that the application will render. That will lead to achieving a
remote command execution under the user www-data.
Authors
Askar
jheysel-r7
jheysel-r7
Platform
Linux
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.