| Title | CosmodiumCS OnlyRAT Latest version available OS Command Injection |
|---|---|
| Description | OnlyRAT, a C2 developed by CosmodiumCS, is vulnerable to OS command injection due to unsafe usage of Python’s os.system() function throughout its codebase. Configuration values are inserted directly into shell commands without sanitization or escaping. This design flaw allows attackers to execute arbitrary system commands by supplying a crafted configuration file. |
| Source | ⚠️ https://docs.google.com/document/d/1oq9YO831FbEDBI2BqNiW-7YA_kMzHJmMgy82F8f-L9g/edit?usp=sharing |
| User | unhingedazrael (UID 89347) |
| Submission | 09/04/2025 20:31 (9 months ago) |
| Moderation | 09/21/2025 10:09 (17 days later) |
| Status | Accepted |
| VulDB entry | 325123 [CosmodiumCS OnlyRAT up to 3.2 Configuration File main.py connect/remote_upload/remote_download configuration["PASSWORD"] os command injection] |
| Points | 19 |
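
The flaw class named in the Description row, shown as an added example (not OnlyRAT's code and not part of the submission): a configuration value formatted into a shell string, next to two hardened forms. The `echo` stand-in command, the function names and both sample configs are assumptions constructed for illustration; only the `PASSWORD` key comes from the entry.

```python
import shlex
import subprocess
import sys

# Constructed sample configs; "PASSWORD" is the key named in the VulDB entry.
BENIGN = {"PASSWORD": "hunter2"}
CRAFTED = {"PASSWORD": 'x"; echo INJECTED; echo "'}  # harmless marker payload


def run_unsafe(config):
    """Vulnerable pattern: the config value is formatted into a shell string.

    subprocess.run(..., shell=True) hands the string to /bin/sh the same way
    os.system() does, but lets the output be captured for inspection.
    """
    cmd = f'echo "login with {config["PASSWORD"]}"'
    done = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return done.stdout.splitlines()


def run_quoted(config):
    """A shell is still used, but the value is escaped with shlex.quote()."""
    cmd = "echo login with " + shlex.quote(config["PASSWORD"])
    done = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return done.stdout.splitlines()


def run_argv(config):
    """Preferred fix: argument list and no shell, so the value is one argument."""
    child = "import sys; print('login with', sys.argv[1])"
    argv = [sys.executable, "-c", child, config["PASSWORD"]]
    done = subprocess.run(argv, capture_output=True, text=True, check=True)
    return done.stdout.splitlines()


if __name__ == "__main__":
    for name, fn in (("unsafe", run_unsafe), ("quoted", run_quoted), ("argv", run_argv)):
        # More than one output line means the shell ran extra commands.
        print(name, fn(CRAFTED))
```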