Command execution in Lifesize products

Published: 2019-02-08 14:13:01
Severity: High
Patch available: No
Number of vulnerabilities: 1
CVE ID: N/A
CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CWE ID: CWE-78
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: Lifesize Networker, Lifesize Passport, Lifesize Room, Lifesize Team
Vulnerable software versions:
  Lifesize Networker: -
  Lifesize Passport: -
  Lifesize Room: -
  Lifesize Team: -
Vendor URL: Lifesize, Inc.

Security Advisory

1) OS Command Injection

Description

The vulnerability allows a remote authenticated attacker to execute arbitrary shell commands.

The vulnerability exists because the value of $_REQUEST['mtu_size'] is taken as-is and passed, without any validation or escaping, to "shell_exec". A remote authenticated attacker can send a crafted request that embeds shell metacharacters in this parameter, inject arbitrary shell commands and execute arbitrary code with elevated privileges. No interaction from another user is required (UI:N in the CVSS vector above).

Successful exploitation of the vulnerability may result in system compromise.
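The following PHP is an added illustration of the CWE-78 pattern described above; it is not Lifesize's code. Only the parameter name ($_REQUEST['mtu_size']) and the sink (shell_exec) come from the advisory. The command template (assumed to be an `ip link set ... mtu` call on an assumed interface `eth0`), the payload and all function names are assumptions made for the example. It shows the vulnerable shape beside a hardened one that allow-lists the value and still quotes it with escapeshellarg().

```php
<?php
declare(strict_types=1);

/*
 * Added illustration, not the vendor's code. Assumptions: the MTU is applied
 * with `ip link set dev <nic> mtu <n>`, the interface is eth0, and the
 * function names below are hypothetical.
 */

const NIC = 'eth0';   // assumed interface name

// Vulnerable pattern: the request value is spliced into the command verbatim,
// so every shell metacharacter it carries (; | & $() ` newline) is interpreted
// by /bin/sh when shell_exec() runs it.
function build_mtu_cmd_vulnerable(string $mtu): string
{
    return 'ip link set dev ' . NIC . ' mtu ' . $mtu;
}

// Allow-list validation: an MTU can only ever be a small positive integer.
function validate_mtu($value): ?int
{
    if (!is_string($value) && !is_int($value)) {
        return null;
    }
    $s = (string) $value;
    // Exactly 3 or 4 ASCII digits; rejects signs, spaces, newlines, "1500; id", "$(id)".
    if (!preg_match('/^\d{3,4}$/', $s)) {
        return null;
    }
    $n = (int) $s;
    // Plausible Ethernet range; tighten to what the device really supports.
    return ($n >= 576 && $n <= 9000) ? $n : null;
}

// Hardened pattern: validate first, then still quote with escapeshellarg() so the
// value reaches the shell as a single inert argument even if the allow-list is
// ever loosened. Returns null (caller answers HTTP 400) instead of running anything.
function build_mtu_cmd_hardened($value): ?string
{
    $mtu = validate_mtu($value);
    if ($mtu === null) {
        return null;
    }
    return 'ip link set dev ' . NIC . ' mtu ' . escapeshellarg((string) $mtu);
}

// Demonstration with a constructed payload.
$payload = '1500; id';

echo "vulnerable command: ", build_mtu_cmd_vulnerable($payload), "\n";
echo "hardened command:   ", var_export(build_mtu_cmd_hardened($payload), true), "\n";
echo "hardened (valid):   ", build_mtu_cmd_hardened('1500'), "\n";

// Same sink shape as the advisory: a raw $_REQUEST value straight into shell_exec().
// Changing an MTU needs root, so `echo` stands in for the real command; the
// injected `id` still runs, which is the whole point.
$_REQUEST['mtu_size'] = $payload;
echo "--- vulnerable sink output ---\n";
echo shell_exec('echo mtu=' . $_REQUEST['mtu_size']);
```

Run it from the CLI with `php example.php`: the vulnerable branch prints `mtu=1500` followed by the output of `id`, while the hardened builder returns `NULL` for the same input and `ip link set dev eth0 mtu '1500'` for a legitimate value. The two controls are deliberately layered: validation limits the value to what the feature needs, and escapeshellarg() makes the sink safe on its own. Where the command does not need a shell at all, passing an argument array to proc_open() removes the interpreter from the path entirely. Until a vendor fix exists, limiting who can reach the management interface is the only mitigation the advisory's facts support.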

Remediation

Cybersecurity Help is currently unaware of any official solution to address the vulnerability.

External links

https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113
