** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-50094. Reason: This candidate is a duplicate of CVE-2023-50094. Notes: All CVE users should reference CVE-2023-50094 instead of this candidate.
References

No reference.

History

Thu, 29 Aug 2024 23:45:00 +0000


Thu, 29 Aug 2024 23:30:00 +0000

Type Values Removed Values Added
Title reNgine authenticated command injection in WAF detection tool

Thu, 29 Aug 2024 22:30:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | reNgine is an automated reconnaissance framework for web applications. In versions 1.2.0 through 2.1.1, an authenticated command injection vulnerability in the WAF detection tool allows an authenticated attacker to remotely execute arbitrary commands as the root user. The URL query parameter `url` is passed to `subprocess.check_output` without any sanitization, resulting in a command injection vulnerability. This API endpoint is accessible by authenticated users with any user role. Because the process runs as `root`, an attacker has root access. Commit edd3c85ee16f93804ad38dac5602549d2d30a93e contains a patch for the issue. | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-50094. Reason: This candidate is a duplicate of CVE-2023-50094. Notes: All CVE users should reference CVE-2023-50094 instead of this candidate. |

MITRE

Status: REJECTED

Assigner: GitHub_M

Published: 2024-07-23T17:22:01.009Z

Updated: 2024-08-29T22:20:26.289Z

Reserved: 2024-07-18T15:21:47.483Z

Link: CVE-2024-41661

Vulnrichment

Updated:

NVD

Status: Rejected

Published: 2024-07-23T18:15:06.577

Modified: 2024-08-29T23:15:10.743

Link: CVE-2024-41661

Redhat

No data.