OpenFiler 2.99.1 - Arbitrary Code Execution

ID SSV:86484
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                # Exploit Title: Arbitrary Code Execution in Openfiler

# Exploit author: Dolev Farhi @f1nhack

# Date 07/05/2014

# Vendor homepage:

# Affected Software version: 2.99.1

# Alerted vendor: 7.5.14

Software Description
Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based 
Storage Area Networking functionality in a single cohesive framework.

Vulnerability Description
Arbitrary code execution

Steps to reproduce / PoC:
1.1. Login to Openfiler dashboard.

1.2. Under system tab -> Hostname

1.3. Enter any shell command you desire using the backticks ` ` 

	e.g. `cat /etc/passwd`
1.4. the code reflects in the hostname value space

  <-> PoC Video: