Epross AVCON6 OGNL Injection Vulnerability Leading to Remote Command Execution
Vulnerability
An Object-Graph Navigation Language (OGNL) injection vulnerability has been identified in the Epross AVCON6 systems management platform. It allows unauthenticated attackers to execute arbitrary commands by injecting malicious OGNL expressions. The flaw is in the login.action endpoint: injected OGNL expressions are evaluated by the server and can instantiate ProcessBuilder objects, which run system commands with root privileges.
Impact
Exploitation of this vulnerability allows for remote command execution on the affected system with root privileges.
Reproduction
To reproduce this vulnerability, send a request to the login.action endpoint with a crafted OGNL payload in the redirect parameter. The payload should be designed to instantiate a ProcessBuilder object that executes a command of choice. The response will include the output of the executed command, indicating successful exploitation.
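For defenders reviewing web server logs for this activity, the following added example (not part of the original advisory or any vendor tooling) flags requests to login.action whose redirect value decodes to OGNL expression delimiters or a ProcessBuilder reference. The log format, sample lines, addresses and indicator patterns are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines; PLACEHOLDER stands in for expression content.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /login.action?redirect=%2Fhome HTTP/1.1" 200 512
198.51.100.23 - - [01/Jan/2024:10:00:05 +0000] "GET /login.action?redirect=%24%7BPLACEHOLDER.ProcessBuilder%7D HTTP/1.1" 200 2048
192.0.2.44 - - [01/Jan/2024:10:00:09 +0000] "GET /login.action?redirect=%2524%257BPLACEHOLDER%257D HTTP/1.1" 200 730
203.0.113.7 - - [01/Jan/2024:10:00:12 +0000] "GET /index.action?redirect=%24%7BPLACEHOLDER%7D HTTP/1.1" 404 0
"""

REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

# Heuristic indicators (assumptions, not vendor signatures): OGNL expression
# delimiters, and the class the advisory names.
INDICATORS = {
    "expression-delimiter": re.compile(r"[$%]\{"),
    "ProcessBuilder": re.compile(r"ProcessBuilder", re.IGNORECASE),
}

def fully_decode(value, max_rounds=3):
    """Undo nested URL encoding so double-encoded input is still inspected."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan_line(line):
    """Return a finding dict for a suspicious login.action request, else None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    path, _, query = m["target"].partition("?")
    # Ignore a ";jsessionid=..." style suffix when matching the endpoint name.
    if not path.split(";")[0].lower().endswith("login.action"):
        return None
    query = fully_decode(query)
    if "redirect" not in query.lower():
        return None
    hits = [name for name, rx in INDICATORS.items() if rx.search(query)]
    return {"ip": m["ip"], "status": m["status"], "indicators": hits} if hits else None

def scan_log(text):
    """Scan every line of an access log and return the findings in order."""
    return [f for f in map(scan_line, text.splitlines()) if f]
```

Access logs normally record only the query string, so requests that carry the parameter in a POST body need request-body logging or an inline filter to be seen.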
