by vicarius
log in join community
by @secatgourity
22 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding the convulted RCE exploit for openITCOCKPIT (CVE-2019-10227)

by @secatgourity
by @secatgourity
22 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding the convulted RCE exploit for openITCOCKPIT (CVE-2019-10227)

CVEs

CVE-2019-10227
6.1 Medium Severity

Screenshots from the blog posts

images/clysoorw8hb141gn91uo3fjk4.pngimages/clysoorw8hb141gn91uo3fjk4.png

Summary

In this post, we understand CSRF exploit for openITCOCKPIT leading to RCE. It all starts from implanting an OS command in the macro, that's used in a host command, then that host command is used for the host. The monitoring configuration when refreshed gives the attacker the reverse shell!

Script link

openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery

openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery. CVE-2019-10227 . webapps exploit for PHP platform

image

Description

Tags

#RCE#exposed_to_RCE_attack#php#openITCOCKPIT

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)