Want an API key with administrative privileges? Not problem just call getAPIKey entry point to obtain one and use it to get RCE with root privileges - no need to authenticate - another great report just obtained by @SecuriTeam_SSD from one of our researchers - vendor notifiedpic.twitter.com/Av1vcAo1CV
That indeed sounds good/bad for the relevant stakeholders. But without info about the mentioned entry point being exported function or rest api or whatever and a detail like what security context the code execution is running under, the message imo classifies as noise. sorry
-
-
We do want the vendor to fix it before we go public, it’s a product used quite often to manage devices such as routers and switches. Naming the entry point would reveal both the product name and where the vulnerability is located at. The code is executed with “root” privileges
-
I mean command - it’s command execution not code
- Show replies
New conversation -
-
-
As the patch is out and our advisory is almost here, is is a short demo of the vulnerabilitypic.twitter.com/11GGx4efRW
-
Movie not loading ... hrm will try again
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.