Vendor: Tuleap
By: Jerzy Kramarz
CVSS: 7.5 (HIGH)
Type: Remote Command Execution
CWE: 78
Product Name: Tuleap
Affected Version From: 7.4.99.5
Affected Version To: 7.4.99.5
Patch Exists: YES
Related CWE: CVE-2014-7178
CPE: a:enalean:tuleap
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
Year: 2014

Tuleap <= 7.4.99.5 Remote Command Execution in Enalean Tuleap

Tuleap does not validate the syntax of requests submitted to its SVN handler pages, so it never checks whether the request data passed to the passthru() function introduces extra parameters that would be executed in the context of the application. External attackers can exploit this to inject commands into the application's workflow, where they are executed, as shown in the attached Proof of Concept code below.

Mitigation:

Validate the syntax of requests submitted to the SVN handler pages, checking whether the request data passed to the passthru() function introduces any extra parameters that would be executed in the context of the application.