Author Topic: (0Day) CentOS Web Panel ajax_dashboard service_start Command Injection  (Read 5137 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Hi

I'm looking for information on if this has been fixed?
   
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability.

The specific flaw exists within ajax_dashboard.php. When parsing the service_start parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.

https://www.zerodayinitiative.com/advisories/ZDI-20-752/

Let's assume it hasn't been.  :(
They're not exactly renowned for responding to security researchers nor providing details of software updates.
It's a shame that the public notification doesn't supply a specific solution, such as "add the following mod_sec rule..".
« Last Edit: July 01, 2020, 12:02:13 AM by cynique »

Offline
*
please use the search option in the forum before posting so others don't need to do a search for you!
http://forum.centos-webpanel.com/index.php?topic=9244.msg32372#msg32372
AntiDDoS Protection (web + mail)
http://centos-webpanel.com/website-ddos-protection-proxy

Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp


Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor


Do you need Fast and FREE Support included for your CWP linux server?
http://centos-webpanel.com/noc-partner-list
Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Quote
01/23/20 – ZDI reported the vulnerabilities to the vendor
04/30/20 – ZDI requested a status update
05/20/20 – ZDI requested a status update
05/28/20 – ZDI requested a status update
06/12/20 - ZDI notified the vendor of the intention to publish these reports as 0-day advisories on 06/25/2020

Cool, do you have an information about the fix?
As mentioned before, here and elsewhere - communication is everything, especially where security is concerned.
« Last Edit: July 01, 2020, 10:32:07 AM by cynique »