FastReport.OpenSource is vulnerable to remote code execution (RCE). An attacker can create a new expression or edit an existing one into, for example, `[System.String.Join(",", System.IO.Directory.GetDirectories(@"c:/"))]`, because the library does not use the ScriptSecurity feature and mishandles GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.
CPE name | Operator | Version
---|---|---
fastreport.opensource | le | 2020.3.22
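As an added defensive example (not code from the advisory or the FastReport project): a Python scanner that flags template expressions and script blocks referencing the identifiers named above, so an untrusted report can be rejected before it is loaded. It assumes FastReport's XML .frx layout with expressions in TextObject `Text` attributes and script source in a `ScriptText` element; the sample template is constructed.

```python
import xml.etree.ElementTree as ET

# Identifiers the advisory says vulnerable versions fail to restrict, plus the
# namespace the published sample expression reaches into.
RISKY_TOKENS = ("GetType", "typeof", "TypeOf", "DllImport", "LoadLibrary",
                "GetProcAddress", "System.IO.", "System.Reflection.")

def extract_expressions(text):
    """Return the top-level [ ... ] expressions in a TextObject's Text,
    handling nested brackets such as [Sum([Orders.Amount])]."""
    exprs, depth, start = [], 0, 0
    for i, ch in enumerate(text):
        if ch == "[":
            if depth == 0:
                start = i + 1
            depth += 1
        elif ch == "]" and depth:
            depth -= 1
            if depth == 0:
                exprs.append(text[start:i])
    return exprs

def risky_expressions(frx_xml):
    """Scan a .frx template and return (object name, expression, matched tokens)
    for every expression or script block that references a risky identifier."""
    findings = []
    root = ET.fromstring(frx_xml)
    for elem in root.iter():
        if elem.tag == "ScriptText":
            # Script blocks are raw C#/VB source, not bracketed expressions.
            candidates = [(elem.text or "").strip()]
        else:
            candidates = extract_expressions(elem.get("Text", ""))
        for expr in candidates:
            hits = [t for t in RISKY_TOKENS if t in expr]
            if hits:
                findings.append((elem.get("Name", elem.tag), expr, hits))
    return findings

# Constructed sample template (assumed .frx layout): one ordinary aggregate
# and one expression shaped like the advisory's example.
SAMPLE_FRX = """<Report ScriptLanguage="CSharp">
  <ScriptText>using System; namespace FastReport { public class ReportScript { } }</ScriptText>
  <ReportPage Name="Page1">
    <DataBand Name="Data1">
      <TextObject Name="Text1" Text="Total: [Sum([Orders.Amount])]"/>
      <TextObject Name="Text2"
        Text="[System.String.Join(&quot;,&quot;, System.IO.Directory.GetDirectories(@&quot;c:/&quot;))]"/>
    </DataBand>
  </ReportPage>
</Report>"""

if __name__ == "__main__":
    for name, expr, hits in risky_expressions(SAMPLE_FRX):
        print(f"{name}: {expr!r} references {hits}")
```

The scan is a stop-gap for templates from untrusted sources; the fix itself is upgrading to a release with the ScriptSecurity feature (v2020.4.0 per the references below).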
github.com/FastReports/FastReport/commit/0b3a5a34fbc7f6646d17144cfbd1385f80c46a4d
github.com/FastReports/FastReport/compare/v2020.3.0...v2020.4.0
github.com/FastReports/FastReport/pull/206
github.com/FastReports/FastReport/releases/tag/v2020.4.0
opensource.fast-report.com/2020/09/report-script-security.html
securitylab.github.com/advisories/GHSL-2020-143-FastReportsInc-FastReports