{ "id": "CVE-2024-45179", "sourceIdentifier": "cve@mitre.org", "published": "2024-10-09T04:15:09.487", "lastModified": "2024-11-21T09:37:25.703", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to insufficient input validation, the C-MOR web interface is vulnerable to OS command injection attacks. It was found out that different functionality is vulnerable to OS command injection attacks, for example for generating new X.509 certificates, or setting the time zone. These OS command injection vulnerabilities in the script generatesslreq.pml can be exploited as a low-privileged authenticated user to execute commands in the context of the Linux user www-data via shell metacharacters in HTTP POST data (e.g., the city parameter). The OS command injection vulnerability in the script settimezone.pml or setdatetime.pml (e.g., via the year parameter) requires an administrative user for the C-MOR web interface. By also exploiting a privilege-escalation vulnerability, it is possible to execute commands on the C-MOR system with root privileges." }, { "lang": "es", "value": "Se descubri\u00f3 un problema en za-internet C-MOR Video Surveillance 5.2401 y 6.00PL01. Debido a una validaci\u00f3n de entrada insuficiente, la interfaz web de C-MOR es vulnerable a ataques de inyecci\u00f3n de comandos del SO. Se descubri\u00f3 que diferentes funciones son vulnerables a ataques de inyecci\u00f3n de comandos del SO, por ejemplo, para generar nuevos certificados X.509 o configurar la zona horaria. Estas vulnerabilidades de inyecci\u00f3n de comandos del SO en el script generatesslreq.pml se pueden explotar como un usuario autenticado con privilegios bajos para ejecutar comandos en el contexto del usuario Linux www-data a trav\u00e9s de metacaracteres de shell en datos HTTP POST (por ejemplo, el par\u00e1metro city). La vulnerabilidad de inyecci\u00f3n de comandos del SO en el script settimezone.pml o setdatetime.pml (por ejemplo, a trav\u00e9s del par\u00e1metro year) requiere un usuario administrativo para la interfaz web de C-MOR. Al explotar tambi\u00e9n una vulnerabilidad de escalada de privilegios, es posible ejecutar comandos en el sistema C-MOR con privilegios de root." } ], "metrics": { "cvssMetricV31": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH" }, "exploitabilityScore": 1.2, "impactScore": 5.9 } ] }, "weaknesses": [ { "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-1289" } ] } ], "references": [ { "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-030.txt", "source": "cve@mitre.org" }, { "url": "http://seclists.org/fulldisclosure/2024/Sep/23", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }