Skip to content

Instantly share code, notes, and snippets.

What would you like to do?

HGiga C&Cmail Privilege Escalation leads to OS Command Injection

Current Description

HGiga C&Cmail is vulnerable to a privilege escalation vulnerability, which leading to execution of arbitrary OS commands via file parameter without authentication. The OS commands can executed for any user accessing the page without authentication. This vulnerability affects many mail system of governments, organizations and companies.


The injection point is file parameter in "cfg_download.php".

It allows remote attackers to execute arbitrary OS commands via file paramemer without authentication.


Remote attackers can execute OS Command without authentication and upload the webshell to the target server. The remote attacker can compromise target server.

Affected files

http://[Target Domain]/EIP/oll/admin/cfg_download.php


  • Tony Kuo (CHT Security)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.