vendor:
destar
by:
non root user
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: destar
Affected Version From: 0.2.2-5
Affected Version To: 0.2.2-5
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux Debian
2008
Exploit for destar 0.2.2-5
This exploit allows an attacker to bypass authentication and gain access to the system. The exploit is coded in Python and requires the urllib, sys and re libraries. The attacker must provide a valid username and password for a normal user of destar, and then the exploit will attempt to log in as the root user. If successful, the attacker will have access to the system.
Mitigation:
Restart destar