Avigilon ACM Host Header Injection Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A host header injection vulnerability has been identified in Avigilon ACM version 7.10.0.20. This vulnerability allows attackers to execute arbitrary code by sending a crafted URL that exploits the application's handling of the HTTP Host header. The application improperly validates or sanitizes the Host header before using it in server-side code, which can lead to various attacks such as web cache poisoning, open redirects, and phishing.
Impact
Exploitation of this vulnerability could result in arbitrary code execution on the server.
Reproduction
To reproduce this vulnerability, send a request to the Avigilon ACM application with a crafted Host header. The application will trust the injected host value and may use it in redirects or dynamic content generation, potentially leading to code execution.
Remediation
It is recommended to validate and sanitize the Host header, avoiding its use for URL generation. Instead, use a hardcoded application base URL for creating absolute URLs in emails, redirects, or API responses.
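As an added illustration of the remediation above (example code written for this page, not Avigilon's), the weak pattern that trusts the Host header is shown beside a hardened version that checks the header against an explicit allowlist and builds absolute links from a fixed base URL. `APP_BASE_URL`, `ALLOWED_HOSTS` and the sample request headers are assumed values, not taken from the advisory.

```python
from urllib.parse import urljoin, urlsplit

# Assumed deployment values (hypothetical, not from the advisory).
APP_BASE_URL = "https://acm.example.internal"
ALLOWED_HOSTS = {"acm.example.internal"}


def build_link_from_host(headers, path):
    """Weak pattern: the Host header is copied straight into an absolute URL.

    Whatever the client sends as Host ends up in the generated link.
    """
    return f"https://{headers.get('Host', '')}{path}"


def normalize_host(raw):
    """Return 'hostname[:port]' in lowercase, or None if Host is malformed."""
    try:
        parts = urlsplit("//" + raw.strip())
        hostname, port = parts.hostname, parts.port  # port raises on junk
    except ValueError:
        return None
    # Reject userinfo, paths, queries and fragments smuggled into the header.
    if not hostname or parts.username is not None:
        return None
    if parts.path or parts.query or parts.fragment:
        return None
    if port is None or port == 443:
        return hostname
    return f"{hostname}:{port}"


def build_safe_link(headers, path):
    """Hardened: validate Host against the allowlist, then ignore it for URL
    generation and build the link from the configured base URL instead."""
    host = normalize_host(headers.get("Host", ""))
    if host not in ALLOWED_HOSTS:
        raise ValueError("rejected request with unexpected Host header")
    return urljoin(APP_BASE_URL, path)


if __name__ == "__main__":
    # Constructed sample headers: one legitimate, one with a foreign Host.
    legit = {"Host": "ACM.Example.Internal:443"}
    foreign = {"Host": "attacker.example"}
    print(build_link_from_host(foreign, "/reset"))  # foreign host in link
    print(build_safe_link(legit, "/reset"))          # fixed base URL
    try:
        build_safe_link(foreign, "/reset")
    except ValueError as err:
        print("blocked:", err)
```

The allowlist check belongs as early as possible in request handling (a middleware or front proxy), so that every code path that emits a URL, not just the redirect shown here, benefits from it.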
