A vulnerability has been found in Fujitsu ETERNUS CentricStor CS8000 up to 8.1A SP02 P03 and classified as critical. Affected by this vulnerability is the function requestTempFile of the file hw_view.php of the component POST Parameter Handler. The manipulation of the argument unitName with an unknown input leads to a os command injection vulnerability. The CWE definition for the vulnerability is CWE-78. The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands.

The weakness was presented 06/20/2022. It is possible to read the advisory at research.nccgroup.com. This vulnerability is known as CVE-2022-31794 since 05/29/2022. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1202 according to MITRE ATT&CK.

By approaching the search of inurl:hw_view.php it is possible to find vulnerable targets with Google Hacking.

Applying the patch 8.1A SP02 P04 is able to eliminate this problem.

Productinfo

Vendor

• Fujitsu

Name

• ETERNUS CentricStor CS8000

Version

• 8.1A SP02 P03

License

• commercial

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion