Skip to content

Instantly share code, notes, and snippets.

@tonykuo76

tonykuo76/HGiga C&Cmail Privilege Escalation leads to OS Command Injection.md Secret

Last active January 10, 2021 02:02
Show Gist options
  • Save tonykuo76/7d41c414f23ef1e47c97f7b97e1b33b0 to your computer and use it in GitHub Desktop.
Save tonykuo76/7d41c414f23ef1e47c97f7b97e1b33b0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
HGiga C&Cmail Privilege Escalation leads to OS Command Injection.md

HGiga C&Cmail Privilege Escalation leads to OS Command Injection

Current Description

HGiga C&Cmail is vulnerable to a privilege escalation vulnerability, which leading to execution of arbitrary OS commands via file parameter without authentication. The OS commands can executed for any user accessing the page without authentication. This vulnerability affects many mail system of governments, organizations and companies.

Details

The injection point is file parameter in "cfg_download.php".

It allows remote attackers to execute arbitrary OS commands via file paramemer without authentication.

Description

Remote attackers can execute OS Command without authentication and upload the webshell to the target server. The remote attacker can compromise target server.

Affected files

http://[Target Domain]/EIP/oll/admin/cfg_download.php

Contributor

  • Tony Kuo (CHT Security)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment