| Field | Value |
|---|---|
| Title | Kodbox 1.64 Command Injection |
| Description | The fileThumb plugin in kodbox reads the ffmpegBin and imagickBin configuration values and passes them directly into shell_exec($bin . ' --help') without escaping or whitelisting. An authenticated administrator can set these values to include shell metacharacters (e.g., ffmpeg; <command>;#) via admin/plugin/setConfig, then trigger plugin/fileThumb/check to execute arbitrary system commands on the server. This results in a post-auth remote command execution vulnerability: once an attacker gains administrative configuration rights, they can run arbitrary commands under the web server's privileges. Mitigation requires removing unsafe shell concatenation, strictly whitelisting allowed binaries and paths, using non-shell process execution APIs with validated arguments, and tightening configuration permissions and auditing. |
| Source | https://vulnplus-note.wetolink.com/share/3ml5XA0firIa |
| User | vulnplusbot (UID 96250) |
| Submission | 09/03/2026 04:31 AM (2 months ago) |
| Moderation | 22/03/2026 12:40 PM (13 days later) |
| Status | Approved |
| VulDB Entry | 352427 [kalcaddle kodbox 1.64 fileThumb Endpoint app.php checkBin privilege escalation] |
| Points | 20 |
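The mitigation the description calls for, shown as an added PHP example (not kodbox's own code): the configured value is validated against a whitelist of binary names and directories and then executed through the array form of proc_open, so no shell ever sees it. The names checkBinSafe and ALLOWED_BINS and the permitted directories are assumptions.

```php
<?php
// Added example, not kodbox's own code: a hardened replacement for a
// "does the configured binary run?" check of the kind the description
// attributes to the fileThumb plugin. checkBinSafe and ALLOWED_BINS are
// hypothetical names; the allowed directories are assumptions.

// Permitted base names and the directories each may be installed in.
const ALLOWED_BINS = [
    'ffmpeg'  => ['/usr/bin', '/usr/local/bin'],
    'convert' => ['/usr/bin', '/usr/local/bin'],
];

// Returns true only when $configured is an allowed binary that exits 0
// on "--help". The configured value is never handed to a shell.
function checkBinSafe(string $configured): bool
{
    // Accept only a plain absolute path: shell metacharacters and
    // whitespace fail here; realpath below collapses ".." and symlinks.
    if (!preg_match('#^/[A-Za-z0-9._/-]+$#', $configured)) {
        return false;
    }
    $real = realpath($configured);              // canonical path
    if ($real === false || !is_executable($real)) {
        return false;
    }
    $name = basename($real);
    if (!isset(ALLOWED_BINS[$name])
        || !in_array(dirname($real), ALLOWED_BINS[$name], true)) {
        return false;
    }
    // Array form of proc_open (PHP 7.4+) execs the program directly with
    // "--help" as a literal argv element, so no shell ever parses it.
    $spec  = [1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $pipes = [];
    $proc  = proc_open([$real, '--help'], $spec, $pipes);
    if (!is_resource($proc)) {
        return false;
    }
    stream_get_contents($pipes[1]);             // drain output
    stream_get_contents($pipes[2]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return proc_close($proc) === 0;
}

// Constructed inputs: a normal path, and the metacharacter pattern quoted
// in the description, which is rejected by the path check alone.
var_dump(checkBinSafe('/usr/bin/ffmpeg'));
var_dump(checkBinSafe('ffmpeg; <command>;#'));
```

The first call returns true only on a host where /usr/bin/ffmpeg exists and exits 0 on --help; the second returns false regardless of what is installed.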