Vulners
Lucene search
Sleuthkit 4.11.1 Command Injection
🗓️ 03 Apr 2023 00:00:00Reported by Dino Barlattani, Giuseppe GranatoType 
packetstorm🔗 packetstormsecurity.com👁 215 Views
| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
 | sleuthkit 4.11.1 - Command Injection Exploit | 3 Apr 202300:00 | – | zdt |
 | CVE-2022-45639 affecting package sleuthkit 4.9.0-4 | 12 Jan 202509:15 | – | cbl_mariner |
 | CVE-2022-45639 | 24 Jan 202307:25 | – | circl |
 | sleuthkit fls 操作系统命令注入漏洞 | 24 Jan 202300:00 | – | cnnvd |
 | CVE-2022-45639 | 24 Jan 202300:00 | – | cve |
 | CVE-2022-45639 | 24 Jan 202300:00 | – | cvelist |
 | sleuthkit 4.11.1 - Command Injection | 3 Apr 202300:00 | – | exploitdb |
 | EUVD-2022-48503 | 3 Oct 202520:07 | – | euvd |
 | OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line. | 4 Sep 202504:54 | – | mscve |
 | CVE-2022-45639 | 24 Jan 202302:15 | – | nvd |
10
`# Exploit Title: sleuthkit 4.11.1 - Command Injection
# Date: 2023-01-20
# CVE-2022-45639
# Vendor Homepage: https://github.com/sleuthkit
# Vulnerability Type: Command injection
# Attack Type: Local
# Version: 4.11.1
# Exploit Author: Dino Barlattani, Giuseppe Granato
# Link poc: https://www.binaryworld.it/guidepoc.asp#CVE-2022-45639
# POC:
fls tool is affected by command injection in parameter "-m" when run on
linux system.
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows
attackers to execute arbitrary commands
via a crafted value to the m parameter
when it run on linux, a user can insert in the -m parameter a buffer with
backtick with a shell command.
If it run with a web application as front end it can execute commands on
the remote server.
The function affected by the vulnerability is "tsk_fs_fls()" from the
"fls_lib.c" file
#ifdef TSK_WIN32
{
....
}
#else
data.macpre = tpre; <---------------
return tsk_fs_dir_walk(fs, inode, flags, print_dent_act, &data);
#endif
Run command:
$ fls -m `id` [Options]
--
*Dino Barlattani*
www.linkedin.com/in/dino-barlattani-10bba11a9/
www.binaryworld.it <http://Binaryworld.it>
www.youtube.com/user/dinbar78
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
03 Apr 2023 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 3.17.8
EPSS0.01035
SSVC