Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/1iLMFSbY8x1CXIf0uFntovY6yZ7N24dQA/view?usp=sharing | Exploit Issue Tracking Third Party Advisory |
https://drive.google.com/file/d/1smOjvenPB-nE0PyIxnfujCT4KcxxkeWV/view?usp=sharing | Exploit Third Party Advisory |
https://gist.github.com/mhaskar/bfa9c2c799fca6697bcc6a213d08cb3e | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-10T21:38:37
Updated: 2020-12-10T21:38:37
Reserved: 2020-11-27T00:00:00
Link: CVE-2020-29311
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-10T23:15:13.270
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-29311
JSON object: View
Redhat Information
No data.