Remote code execution in Elttam GoAhead

Published: 2017-12-28 11:33:35
Severity High
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2017-17562
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software GoAhead
Vulnerable software versions GoAhead -
Vendor URL Elttam

Security Advisory

1) Remote code execution


The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to an error in the cgiHandler function when CGI is enabled and a CGI program is dynamically linked. A remote attacker can make untrusted HTTP request parameters containing shared object payload in the cgiHandler function in cgi.c, allocate an array of pointers for the envp argument of the new process, initialize the environment of forked CGI scripts and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.


Update to version 3.6.5.

External links

Back to List