Command injection in iDRAC8 and iDRAC7

#VU12103 Command injection in iDRAC8 and iDRAC7

Published: 2018-04-23 | Updated: 2019-02-21

Vulnerability identifier: #VU12103

Vulnerability risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-5685

CWE-ID: CWE-74

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
iDRAC8
Web applications / Remote management & hosting panels
iDRAC7
Web applications / Remote management & hosting panels

Vendor: Dell

Description
The vulnerability allows a remote authenticated attacker to execute arbitrary commands on the target system.

The weakness exists due to a string injection. A remote attacker can gain Bash shell access and execute arbitrary commands.

Mitigation
Update to version 2.40.40.40.

Vulnerable software versions

iDRAC8: 2.00.00.00 - 2.35.35.35

iDRAC7: 2.10.10.10 - 2.32.31.30

External links
http://en.community.dell.com/techcenter/extras/m/white_papers/20443326

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Command execution in Dell EMC iDRAC7/iDRAC8