OS Command Injection in Lifesize, Inc. products - #VU17440


Published: February 8, 2019


Vulnerability identifier: #VU17440
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: N/A
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Lifesize, Inc.
Affected software:
Lifesize Networker
Lifesize Passport
Lifesize Room
Lifesize Team

Detailed vulnerability description

The vulnerability allows a remote authenticated attacker to execute arbitrary shell commands.

The vulnerability exists because user input is taken as-is from $_REQUEST['mtu_size'] and then passed without any validation into "shell_exec". A remote attacker can trick the victim into visiting a malicious page or opening a malicious file, inject arbitrary shell commands and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.
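To make the CWE-78 pattern concrete for defenders, the following PHP is an added illustration, not Lifesize's source code or anything from the advisory: it reconstructs the flow the description names (a request parameter interpolated straight into shell_exec()) beside a hardened variant that validates the value as an integer in a plausible MTU range before anything reaches the shell. The function names, the network command being wrapped and the range limits are assumptions for the example.

```php
<?php
// Added example (not vendor code). Demonstrates the unsafe pattern the advisory
// describes and a validated alternative. Command and bounds are assumptions.

// Unsafe pattern as described in the advisory: the request value is concatenated
// into a shell command string, so any shell metacharacters it contains are
// interpreted by the shell rather than treated as part of the MTU.
function set_mtu_unsafe(array $request): string
{
    $mtu = $request['mtu_size'];                                // untrusted string
    return (string) shell_exec("ip link set dev eth0 mtu " . $mtu);
}

// Allow-list validation: an MTU is a positive integer in a bounded range.
// Returns the integer on success or null on rejection; nothing else is accepted.
function validate_mtu(?string $raw): ?int
{
    $mtu = filter_var(
        $raw,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 68, 'max_range' => 9216]] // assumed bounds
    );
    return $mtu === false ? null : $mtu;
}

// Hardened variant: validate first, fail closed, and quote the argument anyway
// (escapeshellarg is defence in depth; after validation $mtu is already an int).
function set_mtu_hardened(array $request): string
{
    $mtu = validate_mtu($request['mtu_size'] ?? null);
    if ($mtu === null) {
        // Log the rejected input for detection purposes and refuse to proceed.
        error_log('mtu_size rejected: ' . var_export($request['mtu_size'] ?? null, true));
        throw new InvalidArgumentException('mtu_size must be an integer between 68 and 9216');
    }
    return (string) shell_exec('ip link set dev eth0 mtu ' . escapeshellarg((string) $mtu));
}

// Constructed inputs showing the validator's behaviour (no shell command is run here).
var_dump(validate_mtu('1400'));       // int(1400): accepted
var_dump(validate_mtu('1400 extra')); // NULL: trailing text rejected
var_dump(validate_mtu('70000'));      // NULL: out of range
var_dump(validate_mtu(null));         // NULL: missing parameter
```

The point of validate_mtu() is that the shell never sees anything but a bounded integer; escapeshellarg() is retained only as a second layer. Failed validations are logged, which also gives operators a signal worth alerting on for this parameter.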


Remediation

Cybersecurity Help is currently unaware of any official solution to address the vulnerability.

Sources