Vulnerability identifier: #VU17440
Vulnerability risk: High
CVSSv3.1: 9.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID: CWE-78
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Lifesize Networker (Client/Desktop applications / Office applications)
Lifesize Passport (Client/Desktop applications / Office applications)
Lifesize Room (Client/Desktop applications / Office applications)
Lifesize Team (Client/Desktop applications / Office applications)
Vendor: Lifesize, Inc.
Description
The vulnerability allows a remote authenticated attacker to execute arbitrary shell commands.
The vulnerability exists because user input is taken as-is from $_REQUEST['mtu_size'] and then passed without any validation into "shell_exec". A remote attacker can trick the victim into visiting a malicious page or opening a malicious file, inject arbitrary shell commands and execute arbitrary code with elevated privileges.
Successful exploitation of the vulnerability may result in system compromise.
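As an added illustration that is not code from the advisory, from Trustwave or from Lifesize, the following PHP contrasts the CWE-78 pattern the description names (a request parameter concatenated straight into shell_exec) with a hardened version that validates the parameter as an integer, accepts it only from a POST carrying a CSRF token, and quotes it before it reaches the shell. The endpoint logic, the ifconfig command, the CSRF-token handling and the 68..9000 MTU range are assumptions made for the example; the advisory states only that $_REQUEST['mtu_size'] reaches shell_exec unvalidated.

```php
<?php
// Added example, not Lifesize's code. Shows the command-injection pattern the
// advisory describes and one way to close it. Command and ranges are assumed.

// --- Vulnerable pattern (as described in the advisory) ----------------------
// $_REQUEST merges GET, POST and cookie data, so a crafted link is enough to
// supply the value, and shell_exec hands the string to /bin/sh unchecked,
// where shell metacharacters in mtu_size are interpreted as commands.
function build_mtu_command_vulnerable(): string
{
    $mtu = $_REQUEST['mtu_size'];               // untrusted, never validated
    return "ifconfig eth0 mtu " . $mtu;          // would be passed to shell_exec()
}

// --- Hardened version ---------------------------------------------------------
// 1. Validate mtu_size as an integer in a sane range (68..9000 is an assumed
//    bound); anything that is not a plain number is rejected before any shell.
// 2. Read only from $_POST and require a CSRF token, so a victim cannot be made
//    to issue the request merely by visiting a page (the vector the advisory
//    mentions).
// 3. Quote the validated value with escapeshellarg() as defence in depth.
function validate_mtu($raw): ?int
{
    $mtu = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 68, 'max_range' => 9000],
    ]);
    return $mtu === false ? null : $mtu;
}

// Returns ['ok' => true, 'command' => ...] or ['ok' => false, 'error' => ...].
// Building and executing are separated so the caller decides when to run it.
function build_mtu_command_hardened(array $post, string $session_token): array
{
    if (!isset($post['csrf_token'])
        || !hash_equals($session_token, (string) $post['csrf_token'])) {
        return ['ok' => false, 'error' => 'missing or invalid CSRF token'];
    }
    $mtu = validate_mtu($post['mtu_size'] ?? null);
    if ($mtu === null) {
        return ['ok' => false, 'error' => 'mtu_size must be an integer between 68 and 9000'];
    }
    // The command now contains only a validated integer; quoting is belt and braces.
    $cmd = 'ifconfig eth0 mtu ' . escapeshellarg((string) $mtu);
    return ['ok' => true, 'command' => $cmd];
}

function run_mtu_command(array $built): string
{
    if (!$built['ok']) {
        throw new InvalidArgumentException($built['error']);
    }
    return (string) shell_exec($built['command']);
}

// Constructed inputs demonstrating the checks; nothing is executed here.
$token = bin2hex(random_bytes(16));
$cases = [
    'metacharacters rejected' => ['mtu_size' => '1500; echo injected', 'csrf_token' => $token],
    'out-of-range rejected'   => ['mtu_size' => '99999',               'csrf_token' => $token],
    'bad token rejected'      => ['mtu_size' => '1500',                'csrf_token' => 'wrong'],
    'valid request accepted'  => ['mtu_size' => '1500',                'csrf_token' => $token],
];
foreach ($cases as $label => $post) {
    $result = build_mtu_command_hardened($post, $token);
    echo $label, ': ', $result['ok'] ? $result['command'] : 'rejected (' . $result['error'] . ')', PHP_EOL;
}
```

The integer validation is the control that actually removes the injection: once mtu_size can only be a number, there is no way to smuggle a second command, and escapeshellarg() only guards against a future change that weakens the check. Requiring POST plus a CSRF token addresses the separate point in the description that an authenticated victim can be made to trigger the request from a malicious page.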
Mitigation
Cybersecurity Help is currently unaware of any official solution to address the vulnerability.
Vulnerable software versions
Lifesize Networker: All versions
Lifesize Passport: All versions
Lifesize Room: All versions
Lifesize Team: All versions
External links
http://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.