PT-2010-1361 · Isolsoft · Isolsoft Support Center

Moudi

Published

2010-01-04

Updated

2017-09-19

CVE-2009-4541

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IsolSoft Support Center version 2.5

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to various PHP files, including 'newticket.php', 'rempass.php', and 'index.php' in an 'adduser' action. This can also be used to include and execute arbitrary local files via '..' (dot dot) sequences.

Recommendations For IsolSoft Support Center version 2.5, consider restricting access to the lang parameter in the affected PHP files until a patch is available. As a temporary workaround, restrict the use of the lang parameter to minimize the risk of exploitation.

Exploit

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2009-4541

Affected Products

Isolsoft Support Center

PT-2010-1361 · Isolsoft · Isolsoft Support Center

CVE-2009-4541

Weakness Enumeration

Related Identifiers

Affected Products

References · 11