PT-2020-13368 · Netsweeper · Netsweeper

Published

2020-05-19

Updated

2021-07-21

CVE-2020-13167

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Netsweeper versions prior to 6.4.4

Description The issue allows unauthenticated remote code execution. This is possible because the webadmin/tools/unixlogin.php endpoint, when provided with certain Referer headers, launches a command line with client-supplied parameters. It also allows the injection of shell metacharacters.

Recommendations For versions prior to 6.4.4, update to version 6.4.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the webadmin/tools/unixlogin.php endpoint to minimize the risk of exploitation. Avoid using this endpoint with untrusted input until the issue is resolved.

Exploit

Fix

RCE

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2020-13167

Affected Products

Netsweeper

PT-2020-13368 · Netsweeper · Netsweeper

CVE-2020-13167

Weakness Enumeration

Related Identifiers

Affected Products

References · 4