Control Web Panel

Title: (0Day) CentOS Web Panel ajax_dashboard service_start Command Injection
Post by: screwloose on June 30, 2020, 11:49:46 PM
Hi

I'm looking for information on whether this has been fixed.

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability.

The specific flaw exists within ajax_dashboard.php. When parsing the service_start parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.

https://www.zerodayinitiative.com/advisories/ZDI-20-752/
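The advisory above describes the general shape of the bug (a request parameter reaching a system call unvalidated) but not the code. The following is an added illustration of that pattern and of the usual fix, written for this thread; it is not CentOS Web Panel's code, and the function names, the `service_start` handling and the allow-list of service names are assumptions made for the example.

```php
<?php
// Added example, not CentOS Web Panel code. The advisory only states that
// ajax_dashboard.php passes the service_start parameter into a system call
// without validating it; everything below (function names, the service list,
// the request shape) is assumed for illustration.

// Vulnerable pattern: the request value is concatenated into a shell command
// string. Any shell metacharacters in it are interpreted by the shell, so the
// caller controls what runs, with the privileges of the web panel process.
function build_start_command_vulnerable(string $requested): string
{
    // Returned as a string here instead of being passed to system()/exec(),
    // so the example runs without side effects.
    return "systemctl start " . $requested;
}

// Hardened pattern: only names from a fixed allow-list of services the
// dashboard is meant to control are accepted, and even an accepted name is
// quoted before it is placed in the command line.
const ALLOWED_SERVICES = ['httpd', 'mysqld', 'named', 'sshd']; // assumed list

function build_start_command(string $requested): ?string
{
    // Strict comparison against the allow-list; do not try to "clean" input
    // that does not match, just refuse it.
    if (!in_array($requested, ALLOWED_SERVICES, true)) {
        return null;
    }
    return 'systemctl start ' . escapeshellarg($requested);
}

// Request handler in the hardened form: validates presence and type, rejects
// anything off the list, and logs the rejected value hex-encoded so the log
// line itself cannot carry control characters.
function handle_request(array $params): array
{
    if (!isset($params['service_start']) || !is_string($params['service_start'])) {
        return ['status' => 400, 'body' => 'missing service_start'];
    }
    $cmd = build_start_command($params['service_start']);
    if ($cmd === null) {
        error_log('rejected service_start value: ' . bin2hex($params['service_start']));
        return ['status' => 403, 'body' => 'service not permitted'];
    }
    // A real handler would run $cmd here (exec($cmd, $output, $rc)); omitted
    // so that running this example changes nothing on the host.
    return ['status' => 200, 'body' => $cmd];
}

// Constructed sample inputs: two legitimate service names, one unknown name,
// and one value carrying shell metacharacters.
$cases = ['httpd', 'mysqld', 'not-a-service', 'httpd; echo injected'];
foreach ($cases as $c) {
    printf("%-22s vulnerable: %s\n", $c, build_start_command_vulnerable($c));
    $r = handle_request(['service_start' => $c]);
    printf("%-22s hardened:   %d %s\n", $c, $r['status'], $r['body']);
}
```

The point of the contrast is that the hardened version never lets the request decide what the command line looks like: the only values that reach `escapeshellarg()` are ones the operator listed in advance, and every other value is logged and refused. Quoting alone, without the allow-list, would still let a caller start any unit on the system.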
Title: Re: (0Day) CentOS Web Panel ajax_dashboard service_start Command Injection
Post by: cynique on July 01, 2020, 12:00:32 AM
Let's assume it hasn't been.  :(
They're not exactly renowned for responding to security researchers nor providing details of software updates.
It's a shame that the public notification doesn't supply a specific solution, such as "add the following mod_sec rule..".
Title: Re: (0Day) CentOS Web Panel ajax_dashboard service_start Command Injection
Post by: Administrator on July 01, 2020, 10:15:40 AM
Please use the search option in the forum before posting, so others don't need to do a search for you!
http://forum.centos-webpanel.com/index.php?topic=9244.msg32372#msg32372
Title: Re: (0Day) CentOS Web Panel ajax_dashboard service_start Command Injection
Post by: cynique on July 01, 2020, 10:29:58 AM
Quote
01/23/20 ZDI reported the vulnerabilities to the vendor
04/30/20 ZDI requested a status update
05/20/20 ZDI requested a status update
05/28/20 ZDI requested a status update
06/12/20 - ZDI notified the vendor of the intention to publish these reports as 0-day advisories on 06/25/2020

Cool, do you have any information about the fix?
As mentioned before, here and elsewhere - communication is everything, especially where security is concerned.