#VU21159 Command Injection in CUJO Smart Firewall


Published: 2019-09-17

Vulnerability identifier: #VU21159

Vulnerability risk: Medium

CVSSv3.1: 8.5 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:U/RC:C]

CVE-ID: CVE-2018-3963

CWE-ID: CWE-77

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
CUJO Smart Firewall
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor: CUJO AI

Description

The vulnerability allows a local user to execute arbitrary commands on the target system.

The vulnerability exists due to insufficient validation of user-supplied input in the DHCP daemon configuration. A local authenticated user can send a DHCP request message, set up the corresponding static DHCP entry and execute arbitrary system commands on the target system.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

CUJO Smart Firewall: 7003

External links
http://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0627

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Multiple vulnerabilities in CUJO Smart Firewall