EndRun Technologies Sonoma D12 Network Time Server OS Command Injection Vulnerability Allowing Remote Code Execution and Privilege Escalation

Vulnerability

A command injection vulnerability has been identified in the EndRun Technologies Sonoma D12 Network Time Server (GPS) firmware version 6010-0071-000 v4.00. This vulnerability allows remote attackers to execute arbitrary commands, potentially leading to unauthorized code execution, privilege escalation, disclosure of sensitive information, or a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized remote code execution with elevated privileges, allowing attackers to gain full control of the affected system.

Remediation

The vendor has provided interim mitigation steps that disable web-management access; they can be validated in a controlled environment before being applied in production. These steps involve changing the permissions of the web management script so that it can no longer run, copying the original script to a backup location, and rebooting the system.

Added: Oct 6, 2025, 5:22 PM
Updated: Oct 6, 2025, 6:23 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.