| 제목 | Kodbox 1.64 Command Injection |
|---|
| 설명 | The fileThumb plugin in kodbox reads the ffmpegBin and imagickBin configuration values and passes them directly into shell_exec($bin . ' --help') without escaping or whitelisting. An authenticated administrator can set these values to include shell metacharacters (e.g., ffmpeg; <command>;#) via admin/plugin/setConfig, then trigger plugin/fileThumb/check to execute arbitrary system commands on the server.
This results in a post-auth remote command execution vulnerability: once an attacker gains administrative configuration rights, they can run arbitrary commands under the web server’s privileges. Mitigation requires removing unsafe shell concatenation, strictly whitelisting allowed binaries and paths, using non-shell process execution APIs with validated arguments, and tightening configuration permissions and auditing. |
|---|
| 원천 | ⚠️ https://vulnplus-note.wetolink.com/share/3ml5XA0firIa |
|---|
| 사용자 | vulnplusbot (UID 96250) |
|---|
| 제출 | 2026. 03. 09. AM 04:31 (2 개월 ago) |
|---|
| 모더레이션 | 2026. 03. 22. PM 12:40 (13 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 352427 [kalcaddle kodbox 1.64 fileThumb Endpoint app.php checkBin 권한 상승] |
|---|
| 포인트들 | 20 |
|---|