module
Xymon useradm Command Execution
| Disclosed |
|---|
| Feb 14, 2016 |
Disclosed
Feb 14, 2016
Description
This module exploits a command injection vulnerability in Xymon
versions before 4.3.25 which allows authenticated users
to execute arbitrary operating system commands as the web
server user.
When adding a new user to the system via the web interface with
`useradm.sh`, the user's username and password are passed to
`htpasswd` in a call to `system()` without validation.
This module has been tested successfully on Xymon version 4.3.10
on Debian 6.
versions before 4.3.25 which allows authenticated users
to execute arbitrary operating system commands as the web
server user.
When adding a new user to the system via the web interface with
`useradm.sh`, the user's username and password are passed to
`htpasswd` in a call to `system()` without validation.
This module has been tested successfully on Xymon version 4.3.10
on Debian 6.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.