#VU17440 OS Command Injection in Lifesize, Inc. Client/Desktop applications


Published: 2019-02-08

Vulnerability identifier: #VU17440

Vulnerability risk: High

CVSSv3.1: 9.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: N/A

CWE-ID: CWE-78

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Lifesize Networker
Client/Desktop applications / Office applications
Lifesize Passport
Client/Desktop applications / Office applications
Lifesize Room
Client/Desktop applications / Office applications
Lifesize Team
Client/Desktop applications / Office applications

Vendor: Lifesize, Inc.

Description
The vulnerability allows a remote authenticated attacker to execute arbitrary shell commands.

The vulnerability exists because user input is taken as-is from $_REQUEST['mtu_size'] and then passed, without any validation, into "shell_exec". A remote attacker can trick the victim into visiting a malicious page or opening a malicious file, inject arbitrary shell commands and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.
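The pattern the description names, written out as an added example (not Lifesize's code): the raw $_REQUEST['mtu_size'] value reaching shell_exec(), beside a hardened handler that allow-lists the value before any command is built. The interface name, the `ip link` command and the MTU bounds are assumptions made for illustration.

```php
<?php
// Added example, not Lifesize code. The interface name, the `ip link`
// command and the MTU bounds are assumptions for illustration.

// Vulnerable pattern (CWE-78): the request value reaches the shell verbatim,
// so any shell metacharacters in it become part of the command line.
function set_mtu_vulnerable(array $request): string
{
    return (string) shell_exec('ip link set dev eth0 mtu ' . $request['mtu_size']);
}

// Hardened: reject anything that is not a plausible MTU before it is used,
// and never build the command from the raw request string.
function validate_mtu($value): int
{
    // Decimal digits only: no sign, whitespace or other characters.
    if (!is_string($value) || !preg_match('/^\d{1,5}$/', $value)) {
        throw new InvalidArgumentException('mtu_size must be a decimal integer');
    }
    $mtu = (int) $value;
    // Ethernet-style bounds (assumed); adjust to the interface type in use.
    if ($mtu < 576 || $mtu > 9000) {
        throw new InvalidArgumentException('mtu_size out of range');
    }
    return $mtu;
}

function set_mtu_hardened(array $request): string
{
    $mtu = validate_mtu($request['mtu_size'] ?? '');
    // $mtu is now a bounded int; escapeshellarg() is defence in depth on top
    // of the allow-list above, not a substitute for it.
    $cmd = 'ip link set dev eth0 mtu ' . escapeshellarg((string) $mtu);
    return (string) shell_exec($cmd);
}

// Constructed inputs: one valid value and three the validator must reject.
// Only the validator runs here; changing an MTU needs elevated privileges.
foreach (['1500', '1500x', '70000', '-1'] as $candidate) {
    try {
        printf("%-8s -> accepted as %d\n", $candidate, validate_mtu($candidate));
    } catch (InvalidArgumentException $e) {
        printf("%-8s -> rejected: %s\n", $candidate, $e->getMessage());
    }
}
```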

Mitigation
Cybersecurity Help is currently unaware of any official solution to address the vulnerability.

Vulnerable software versions

Lifesize Networker: All versions

Lifesize Passport: All versions

Lifesize Room: All versions

Lifesize Team: All versions


External links
http://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
