With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new "file type" and the code can be executed with an HTTP request.
References
Link | Resource |
---|---|
http://artica.com | Vendor Advisory |
http://pandora.com | Vendor Advisory |
https://k4m1ll0.com/chained_exploit_htaccess.html | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-11-03T11:33:57
Updated: 2021-11-03T11:33:57
Reserved: 2021-07-12T00:00:00
Link: CVE-2021-36697
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-03T12:15:07.643
Modified: 2021-11-05T12:16:40.190
Link: CVE-2021-36697
JSON object: View
Redhat Information
No data.
CWE