module
MicroFocus Secure Messaging Gateway Remote Code Execution
| Disclosed |
|---|
| Jun 19, 2018 |
Disclosed
Jun 19, 2018
Description
This module exploits a SQL injection and command injection vulnerability in MicroFocus Secure Messaging Gateway.
An unauthenticated user can execute a terminal command under the context of the web user.
One of the user supplied parameters of API endpoint is used by the application without input validation and/or parameter binding,
which leads to SQL injection vulnerability. Successfully exploiting this vulnerability gives a ability to add new user onto system.
manage_domains_dkim_keygen_request.php endpoint is responsible for executing an operation system command. It's not possible
to access this endpoint without having a valid session.
Combining these vulnerabilities gives the opportunity execute operation system commands under the context
of the web user.
An unauthenticated user can execute a terminal command under the context of the web user.
One of the user supplied parameters of API endpoint is used by the application without input validation and/or parameter binding,
which leads to SQL injection vulnerability. Successfully exploiting this vulnerability gives a ability to add new user onto system.
manage_domains_dkim_keygen_request.php endpoint is responsible for executing an operation system command. It's not possible
to access this endpoint without having a valid session.
Combining these vulnerabilities gives the opportunity execute operation system commands under the context
of the web user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.