Infinxt iEdge 100 Command Injection Vulnerability in Troubleshoot Module
Vulnerability
A command injection vulnerability has been identified in the Infinxt iEdge 100, version 2.1.32, within the Troubleshoot module's 'MTR' functionality. This vulnerability arises from inadequate validation of user-supplied input in the 'mtrIp' parameter, allowing attackers to execute arbitrary operating system commands on the underlying system with the same privileges as the web application process.
Impact
Exploitation of this vulnerability allows for unauthorized execution of operating system commands, potentially leading to unauthorized access, data breaches, and system compromise.
Reproduction
To reproduce this vulnerability, log into the console and navigate to Troubleshoot → MTR. Enter an IP address and capture the request using a tool like Burp Suite. Then, inject a command payload into the 'mtrIp' parameter, such as a command to read the '/etc/passwd' file. The injected command's output will be returned in the HTTP response, demonstrating successful exploitation.
Remediation
To mitigate this vulnerability, validate and sanitize all user inputs, use parameterized commands or APIs, and apply least privilege principles to limit the execution context of applications. Regular security testing and code reviews are also recommended to identify and address potential vulnerabilities.
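The two remediation steps that directly close this bug class (strict validation of 'mtrIp' and invoking the tool without a shell) as an added example; this is illustrative code, not the iEdge 100 firmware, and the flags passed to mtr and the function names are assumptions:

```python
import ipaddress
import subprocess

# Added example, not vendor code. The unsafe pattern behind a 'mtrIp' command
# injection is interpolating the parameter into a shell string, roughly
#   subprocess.run(f"mtr -r -c 5 {mtr_ip}", shell=True)
# so that shell metacharacters inside mtr_ip are parsed as further commands.
# The hardened version below never hands the value to a shell at all.


def validate_mtr_ip(mtr_ip: str) -> str:
    """Accept only a literal IPv4/IPv6 address; raise ValueError for anything else.

    An allow-list parser is used instead of stripping 'bad' characters: every
    string that is not exactly one IP address is rejected, including hostnames.
    """
    try:
        return str(ipaddress.ip_address(mtr_ip.strip()))
    except ValueError as exc:
        raise ValueError(f"mtrIp is not a valid IP address: {mtr_ip!r}") from exc


def build_mtr_argv(mtr_ip: str, count: int = 5) -> list[str]:
    """Build the mtr argument vector (mtr flags are assumed for illustration).

    Each list element is passed to the program as one argument; nothing here is
    re-parsed by a shell, so the validated IP cannot grow into extra commands.
    """
    ip = validate_mtr_ip(mtr_ip)
    return ["mtr", "-r", "-c", str(count), ip]


def rejects(mtr_ip: str) -> bool:
    """True if the input would be refused before any process is started."""
    try:
        build_mtr_argv(mtr_ip)
    except ValueError:
        return True
    return False


def run_mtr(mtr_ip: str, timeout: int = 60) -> str:
    """Run mtr with shell=False; the web handler should call this as an unprivileged user."""
    argv = build_mtr_argv(mtr_ip)
    result = subprocess.run(argv, shell=False, capture_output=True, text=True,
                            timeout=timeout, check=False)
    return result.stdout


if __name__ == "__main__":
    print(build_mtr_argv("192.0.2.1"))   # constructed sample input
    print(rejects("192.0.2.1;x"))         # True: refused before execution
```

Rejections from validate_mtr_ip are worth logging with the source address, since a burst of non-IP values in 'mtrIp' is a cheap detection signal for probing of this endpoint.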
