module
Mida Solutions eFramework ajaxreq.php Command Injection
| Disclosed |
|---|
| Jul 24, 2020 |
Disclosed
Jul 24, 2020
Description
This module exploits a command injection vulnerability in Mida
Solutions eFramework version 2.9.0 and prior.
The `ajaxreq.php` file allows unauthenticated users to inject
arbitrary commands in the `PARAM` parameter to be executed as
the apache user. The sudo configuration permits the apache user
to execute any command as root without providing a password,
resulting in privileged command execution as root.
This module has been successfully tested on Mida Solutions
eFramework-C7-2.9.0 virtual appliance.
Solutions eFramework version 2.9.0 and prior.
The `ajaxreq.php` file allows unauthenticated users to inject
arbitrary commands in the `PARAM` parameter to be executed as
the apache user. The sudo configuration permits the apache user
to execute any command as root without providing a password,
resulting in privileged command execution as root.
This module has been successfully tested on Mida Solutions
eFramework-C7-2.9.0 virtual appliance.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.