BoZoN Pre-Auth Command Execution
A vulnerability in BoZoN allows unauthenticated attackers to add arbitrary users and to inject system commands into the "auto_restrict_users.php" file of the BoZoN web interface. This results in arbitrary code execution on the affected host: the attacker's commands are written to and stored in the PHP file "auto_restrict_users.php" under the private/ directory of the BoZoN application, so they persist. The attacker receives the output of functions such as phpinfo() as soon as the HTTP request completes, and because the commands are stored, they run again whenever an administrator or user logs in or the page is reloaded. Even without injecting a command into "auto_restrict_users.php", an unauthenticated attacker can add user accounts at will.
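As an added triage check, not part of the advisory or of BoZoN itself, the following Python scan flags lines in a copy of private/auto_restrict_users.php that contain PHP calls such as phpinfo(), which a generated user list should never contain; the sample file content and the list of flagged functions are assumptions.

```python
import re

# Functions whose presence in a generated user-list file indicates injected
# code. phpinfo() is the one the advisory mentions; the rest are common
# command-execution sinks (assumed list, not taken from the advisory).
SUSPICIOUS_CALLS = (
    "phpinfo", "system", "exec", "shell_exec", "passthru", "popen",
    "proc_open", "eval", "assert",
)
CALL_RE = re.compile(r"\b(" + "|".join(SUSPICIOUS_CALLS) + r")\s*\(", re.I)
# Backtick strings are PHP's shell-execution operator.
BACKTICK_RE = re.compile(r"`[^`]+`")


def scan_php_source(src: str):
    """Return (line_no, stripped_line) for each line with a suspicious call."""
    hits = []
    for no, line in enumerate(src.splitlines(), start=1):
        if CALL_RE.search(line) or BACKTICK_RE.search(line):
            hits.append((no, line.strip()))
    return hits


def scan_file(path: str):
    """Scan a file on disk, e.g. private/auto_restrict_users.php."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        return scan_php_source(fh.read())


# Constructed sample imitating an auto-generated user list with one injected
# entry; the real file layout is an assumption, not taken from BoZoN.
SAMPLE = """<?php
$auto_restrict_users = array(
  'alice',
  'bob',
  'x'.phpinfo().'y',
);
"""

if __name__ == "__main__":
    for no, text in scan_php_source(SAMPLE):
        print(f"suspicious line {no}: {text}")
```

Any hit should be treated as a compromised host, since the stored code runs again on the next login or page load.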