返回 CVE 瀏覽器

CVE-2017-17562

Known Exploited (CISA KEV)HIGH

8.1

CVSS Severity Score

EPSS Score45.9790%

EPSS Percentile95.64th

Published2017年12月12日

Last Modified2026年4月21日

Vulnerability Description

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.

Affected Platforms (CPE)

📦

Embedthis

Goahead

< 3.6.5

📦

Oracle

Integrated Lights Out Manager

= 3.0

📦

Oracle

Integrated Lights Out Manager

= 4.0

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

🔗 http://www.securitytracker.com/id/1040702

🔗 https://github.com/elttam/advisories/tree/master/CVE-2017-17562

🔗 https://github.com/embedthis/goahead/commit/6f786c123196eb622625a920d54048629a7caa74

🔗 https://github.com/embedthis/goahead/issues/249

🔗 https://www.elttam.com.au/blog/goahead/

🔗 https://www.exploit-db.com/exploits/43360/

🔗 https://www.exploit-db.com/exploits/43877/

相關漏洞威脅

CVE-2015-793710.0

Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remot...

CVE-2019-153119.8

An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Hal...

CVE-2019-50969.8

An exploitable code execution vulnerability exists in the processing of multi-part/form-data requests within the base GoAhead web ...

CVE-2021-423429.8

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI s...