Vendor: OTRS
By: Bæln0rn
CVSS: 8.8 (HIGH)
Vulnerability Type: Remote Command Execution
CWE: 78
Product Name: OTRS
Affected Version From: 4.0.1
Affected Version To: 6.0.1
Patch Exists: YES
Related CVE: CVE-2017-16921
CPE: a:otrs:otrs
Other Scripts: N/A
Platforms Tested: OTRS 5.0.2/CentOS 7.2.1511
2018
OTRS 5.0.x/6.0.x – Remote Command Execution (1)
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.
Mitigation:
Apply the vendor patch for CVE-2017-16921 (a fix exists; see Patch Exists above). Until patched, validate and sanitize all form parameters in the PGP-related agent forms before they are used, and never pass agent-supplied values to a shell unescaped.