CVE-2020-10511

HGiga C&Cmail Privilege Escalation leads to OS Command Injection


Current Description

HGiga C&Cmail is vulnerable to a privilege escalation vulnerability, which leading to execution of arbitrary OS commands via file parameter without authentication. 

The OS commands can executed for any user accessing the page without authentication. 

This vulnerability affects many mail system of governments, organizations and companies.



Details

The injection point is file parameter in "cfg_download.php".


It allows remote attackers to execute arbitrary OS commands via file parameter without authentication.



Description

Remote attackers can execute OS Command without authentication and upload the webshell to the target server. 

The remote attacker can compromise target server.



Affected files

http://`[Target Domain]`/EIP/oll/admin/cfg_download.php



Contributor

  • Tony Kuo (CHT Security)