Bug #6474: Command injection vulnerability in pkg_mgr_install.php, id parameter - pfSense - pfSense bugtracker

Actions

Copy link

Bug #6474

closed

Command injection vulnerability in pkg_mgr_install.php, id parameter

Added by Jim Pingle over 8 years ago. Updated almost 8 years ago.

Status:

Resolved

Priority:

Urgent

Assignee:

Jim Pingle

Category:

Package System

Target version:

2.3.1-p2

Start date:

06/09/2016

Due date:

% Done:

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.3.x

Affected Architecture:

Description

Command injection is possible using the id parameter on pkg_mgr_install.php

http://ip/pkg_mgr_install.php?id=firmware`/path/to/some/command`

Renato fixed it yesterday, adding this for tracking purposes.

Actions

Copy link

Updated by Jim Pingle over 8 years ago

Description updated (diff)

To me for confirmation that it's fixed

Actions

Copy link

Updated by Jim Pingle over 8 years ago

Status changed from Feedback to Resolved

It appears to be fixed. I could exploit it before, but not after.

Actions

Copy link

Updated by Jim Pingle almost 8 years ago

Private changed from Yes to No

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #6474

Command injection vulnerability in pkg_mgr_install.php, id parameter

Updated by Jim Pingle over 8 years ago

Updated by Jim Pingle over 8 years ago

Updated by Jim Pingle almost 8 years ago