Submit #189820: Blind remote OS command injection in Host Name on TOTOLink EX1200Linfo

TitelBlind remote OS command injection in Host Name on TOTOLink EX1200L
Beschreibung## Description and impact Function `setWanCfg` executes os command `echo` to overwrite hostname. An attacker can execute remote os command using crafted payload at `Host Name`. ## Root-cause When the function `setWanCfg` is called, it crafts os command following syntax `echo '%s' > /proc/sys/kernel/hostname`. The value of `Host name` is not validated. An attacker can send crafted payload to execute OS command. ![image](https://user-images.githubusercontent.com/29118926/257681580-135b9274-1f06-4a2b-b5cd-6c820e78a178.png)
Quelle⚠️ https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8
Benutzer
 dmknght (UID 51830)
Einreichung02.08.2023 04:38 (vor 3 Jahren)
Moderieren18.08.2023 10:04 (16 days later)
StatusAkzeptiert
VulDB Eintrag237515 [TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 setWanCfg erweiterte Rechte]
Punkte20

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!