Bug #14052: Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php`` - pfSense - pfSense bugtracker

Actions

Copy link

Bug #14052

closed

Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``

Added by Jim Pingle over 1 year ago. Updated over 1 year ago.

Status:

Resolved

Priority:

Urgent

Assignee:

Jim Pingle

Category:

Interfaces

Target version:

2.7.0

Start date:

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

23.05

Release Notes:

Default

Affected Version:

Affected Architecture:

Description

When creating or editing a bridge interface on interfaces_bridge_edit.php, the submitted $_POST['bridgeif'] is used in interface_bridge_configure() before it is validated. Subsequently, that function calls others which in turn use the submitted interface name in shell commands.

Due to a lack of escaping on commands in the functions being called, it is possible to execute arbitrary commands with a properly formatted submission value for $_POST['bridgeif'] such as "; touch somefile; #".

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #14052

Bridge interface is not properly validated when submitted on ``interfaces_bridge_edit.php``

Updated by Jim Pingle over 1 year ago

Updated by Jim Pingle over 1 year ago

Updated by Jim Pingle over 1 year ago