CVE-2020-26124

Name of the Vulnerable Software and Affected Versions openmediavault versions prior to 4.1.36 openmediavault versions 5.x prior to 5.5.12

Description The issue allows authenticated PHP code injection attacks via the sortfield POST parameter of "rpc.php", due to the lack of json encode safe usage in config/databasebackend.inc. This can lead to arbitrary command execution on the underlying operating system as root.

Recommendations For openmediavault versions prior to 4.1.36, update to version 4.1.36 or later. For openmediavault versions 5.x prior to 5.5.12, update to version 5.5.12 or later. As a temporary workaround, consider restricting access to the "rpc.php" endpoint to minimize the risk of exploitation. Avoid using the sortfield parameter in the affected API endpoint until the issue is resolved.