Diligent ACL Analytics Arbitrary Code Execution Vulnerability

A vulnerability allowing arbitrary code execution exists in Diligent ACL Analytics versions 11.x through 13.0.0.579. This issue arises from improper control of code execution, enabling attackers to execute arbitrary commands via the EXECUTE function. Exploitation involves using bitsadmin to download and execute malicious PowerShell scripts with system privileges, potentially leading to reverse shell access and complete control over the system.

Impact

Exploitation of this vulnerability allows for arbitrary code execution with system privileges, enabling attackers to execute commands, download additional payloads, and potentially establish persistent access through reverse shells.

Reproduction

The vulnerability can be reproduced by using the EXECUTE function to run bitsadmin commands that download PowerShell scripts from a remote server to the local machine. Once the script is downloaded, it can be executed using PowerShell, with the downloaded script performing the desired actions, such as opening a reverse shell.