In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.
References
Link | Resource |
---|---|
https://s1gh.sh/cve-2020-13448-quickbox-authenticated-rce/ | Exploit Third Party Advisory |
Information
Published : 2020-06-01 09:15
Updated : 2020-06-02 07:08
NVD link : CVE-2020-13694
Mitre link : CVE-2020-13694
JSON object : View
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Products Affected
quickbox
- quickbox