CVE-2018-1335 - WriteUps

Haii!! How are you?!!

This time I will share an article about a finding I discovered on a website that is vulnerable to CVE-2018-1335. OK, let's get straight to it.

Vulnerability Details:

The type of vulnerability we’re discussing here is known as command injection. It occurs when a vulnerable application does not properly sanitize user input before passing it to the system shell, which enables the execution of harmful commands. It differs from code injection in several ways. In code injection, the attacker introduces their own code, which the application then executes. In command injection, the attacker instead alters the application’s existing functionality, which permits them to execute system commands.
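The pattern described above, as an added example that is not part of the original write-up and is not Apache Tika's code: a value taken from a request header is pasted into a shell command line, next to a hardened form that allowlists the value and never involves a shell. The `ocr-tool` command, the `--lang` option and the sample header values are hypothetical and constructed for illustration.

```python
import re
import shlex

# Hypothetical names: "ocr-tool" and the header it is fed from are
# illustrative only; they are not taken from Apache Tika's code.
TOOL = "ocr-tool"
LANG_RE = re.compile(r"[a-z]{3}(?:\+[a-z]{3})*")  # "eng" or "eng+deu"
CRAFTED = "eng; echo INJECTED"  # constructed sample header value


def build_unsafe(header_value):
    """Vulnerable pattern: header text pasted into a shell command line."""
    return f"{TOOL} --lang {header_value} input.png"


def shell_commands(command_line):
    """Approximate POSIX shell tokenising, without executing anything.

    Returns one argv list per command the shell would run.
    """
    lexer = shlex.shlex(command_line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for token in lexer:
        if token in {";", "&", "&&", "|", "||"}:
            if current:
                commands.append(current)
            current = []
        else:
            current.append(token)
    if current:
        commands.append(current)
    return commands


def build_safe(header_value):
    """Hardened pattern: allowlist the value, then return an argv list
    for subprocess.run(argv), so no shell ever parses the header."""
    if not LANG_RE.fullmatch(header_value):
        raise ValueError("header value rejected")
    return [TOOL, "--lang", header_value, "input.png"]


if __name__ == "__main__":
    print(shell_commands(build_unsafe("eng")))    # one command
    print(shell_commands(build_unsafe(CRAFTED)))  # two commands
    print(build_safe("eng"))
```

The unsafe builder turns one header into two commands once a shell splits the line, while the safe builder rejects the same value before any process is started.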

Severity Score: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Proof of Concept (PoC):

This document contains various server endpoints with their HTTP methods and generated media types. These endpoints cover detection of document type, language, and metadata, as well as text extraction from documents.

CVE-2018-1335 is a security vulnerability affecting Apache Tika versions 1.7 to 1.17. It allows command injection attacks on servers running tika-server. The attack can occur if the tika-server is open to untrusted clients: attackers can use specially crafted headers to inject commands into the command line of the server running tika-server.

Search results return an exploit module named “exploit/windows/http/apache_tika_jp2_jscript,” with details such as disclosure date (2018-04-25), rating (excellent), and description (“Apache Tika Header Command Injection”). This information indicates that the module can be used to test or exploit Apache Tika-related vulnerabilities, specifically through header command injection.

The highlighted section shows the “search exploit suggester” command, which suggests that users search for potential exploits related to a particular vulnerability or software.

The text in the terminal shows various IP addresses followed by file paths and statuses such as “Potentially vulnerable,” “The target appears to be vulnerable,” and “Yes” or “No” indicating whether a particular exploit is available.

PoC Video on Youtube:

Youtube

Impact:

Unauthorized System Access: Command injection vulnerabilities can allow an attacker to execute arbitrary commands on the host operating system. This could potentially lead to unauthorized system access.
