Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

sleuthkit 4.11.1 - Command Injection

🗓️ 03 Apr 2023 00:00:00Reported by Dino BarlattaniType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 151 Views

sleuthkit 4.11.1 Command Injection CVE-2022-4563

Related
Code
ReporterTitlePublishedViews
Family
0day.today		sleuthkit 4.11.1 - Command Injection Exploit
3 Apr 202300:00
zdt
CBLMariner		CVE-2022-45639 affecting package sleuthkit 4.9.0-4
12 Jan 202509:15
cbl_mariner
Circl		CVE-2022-45639
24 Jan 202307:25
circl
CNNVD		sleuthkit fls 操作系统命令注入漏洞
24 Jan 202300:00
cnnvd
CVE		CVE-2022-45639
24 Jan 202300:00
cve
Cvelist		CVE-2022-45639
24 Jan 202300:00
cvelist
EUVD		EUVD-2022-48503
3 Oct 202520:07
euvd
Microsoft CVE		OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
4 Sep 202504:54
mscve
NVD		CVE-2022-45639
24 Jan 202302:15
nvd
OSV		CVE-2022-45639
24 Jan 202302:15
osv
Rows per page
# Exploit Title: sleuthkit 4.11.1 - Command Injection 
 # Date: 2023-01-20
# CVE-2022-45639
# Vendor Homepage: https://github.com/sleuthkit
# Vulnerability Type: Command injection
# Attack Type: Local
# Version: 4.11.1
# Exploit Author: Dino Barlattani, Giuseppe Granato
# Link poc: https://www.binaryworld.it/guidepoc.asp#CVE-2022-45639
# POC:

fls tool is affected by command injection in parameter "-m" when run on
linux system.
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows
attackers to execute arbitrary commands
via a crafted value to the m parameter

when it run on linux, a user can insert in the -m parameter a buffer with
backtick with a shell command.
If it run with a web application as front end it can execute commands on
the remote server.

The function affected by the vulnerability is "tsk_fs_fls()" from the
"fls_lib.c" file

#ifdef TSK_WIN32
   {
   ....
   }
#else

   data.macpre = tpre; <---------------

   return tsk_fs_dir_walk(fs, inode, flags, print_dent_act, &data);

#endif

Run command:

$ fls -m `id` [Options]


-- 
*Dino Barlattani*
www.linkedin.com/in/dino-barlattani-10bba11a9/
www.binaryworld.it <http://Binaryworld.it>
www.youtube.com/user/dinbar78

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Apr 2023 00:00Current
7.7High risk
Vulners AI Score7.7
CVSS 3.17.8
EPSS0.01035
SSVC
sleuthkitcommand injectionlinuxweb applicationfls tool
151