Bohua NetDragon Firewall Command Injection Vulnerability in IP Status Processing

A critical command injection vulnerability has been identified in Bohua NetDragon Firewall version 1.0. The issue arises in the file '/systemstatus/ip_status.php', where insufficient validation of the 'subnet' parameter allows remote attackers to inject and execute arbitrary system commands. This vulnerability could lead to unauthorized access to the database, leakage of sensitive information, data manipulation, and disruption of services.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected system, with the potential to access, modify, or delete database information, access sensitive data, and disrupt services.

Reproduction

The vulnerability can be reproduced by sending a GET request to '/systemstatus/ip_status.php' with a crafted 'subnet' parameter that includes injected commands. The injected command is executed on the server, and the output is returned in the response.

Remediation

Users are advised to update to a version of Bohua NetDragon Firewall that addresses this vulnerability. Consult the vendor's website for information on available updates.