Main Vulnerability Database SB2020122904

SB2020122904 - OS command injection in Dolibarr

Published: December 29, 2020

Security Bulletin ID SB2020122904

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) OS Command Injection (CVE-ID: CVE-2020-35136)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation within the backup functionality. A remote privileged user can pass specially crafted filename via the zipfilename_template parameter to admin/tools/dolibarr_export.php and execute arbitrary OS commands on the target system.

Remediation

Install update from vendor's website.

References

http://bilishim.com/2020/12/18/zero-hunting-2.html
https://github.com/Dolibarr/dolibarr/commit/4fcd3fe49332baab0e424225ad10b76b47ebcbac
https://github.com/Dolibarr/dolibarr/releases
https://sourceforge.net/projects/dolibarr/