Project

General

Profile

Bug #9061

PowerD command parameter validation and escaping

Added by Jim Pingle over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Urgent
Assignee:
Category:
Hardware / Drivers
Target version:
Start date:
10/23/2018
Due date:
% Done:

100%

Estimated time:
Affected Version:
All
Affected Architecture:
All

Description

The powerd parameters powerd_ac_mode, powerd_battery_mode, and powerd_normal_mode are not validated against the list of expected mode strings in /usr/local/www/system_advanced_misc.php. They are also not escaped before use when invoking the powerd command inside activate_powerd() from /etc/inc/system.inc.

This can lead to an authenticated command injection for users with access to that page.

Associated revisions

Revision 3be69929 (diff)
Added by Jim Pingle over 1 year ago

Validate and protect powerd option values. Fixes #9061

Revision c95a79d3 (diff)
Added by Jim Pingle over 1 year ago

Validate and protect powerd option values. Fixes #9061

(cherry picked from commit 3be699295e5cb7be24cc5361700be1a8b759e26c)

History

#1 Updated by Jim Pingle over 1 year ago

  • Status changed from Assigned to Feedback
  • % Done changed from 0 to 100

#2 Updated by Anonymous over 1 year ago

Could recreate the behavior on 2.4.4. On 2.4.5.a.20181102.0213, could not reproduce the behavior, received


The following input errors were detected:

    Invalid Battery Power mode.

after modifying the value of Battery Power mode and clicking Save.

#3 Updated by Anonymous over 1 year ago

  • Status changed from Feedback to Resolved

#4 Updated by Jim Pingle over 1 year ago

  • Private changed from Yes to No

Also available in: Atom PDF