Vulnerability Information
Although we use advanced large-model technology, its output may still contain inaccurate or outdated information. Shenlong strives to ensure data accuracy, but please verify and judge according to your actual situation.
Vulnerability Title
LAM vulnerable to Authenticated Remote Code Execution
Vulnerability Description
LDAP Account Manager (LAM) is a web front end for managing entries stored in an LDAP directory. LAM's log configuration allows arbitrary paths to be specified for log files. Prior to version 8.7, an attacker could exploit this by creating a PHP file and causing LAM to log some PHP code to this file. When the file is then accessed via the web, the code would be executed. The issue is mitigated by the following: an attacker needs to know LAM's master configuration password to be able to change the main settings, and the web server needs write access to a directory that is accessible via the web. LAM itself does not provide any such directories. The issue has been fixed in 8.7. As a workaround, limit access to LAM configuration pages to authorized users.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:H
Vulnerability Type
Improper Neutralization of Special Elements in Output (Injection)
Vulnerability Title
LDAP Account Manager Injection Vulnerability
Vulnerability Description
LDAP Account Manager is a web front end for managing entries stored in an LDAP directory (for example users, groups, and DHCP settings). LDAP Account Manager (LAM) versions before 8.7 contain a security vulnerability caused by the log configuration allowing an arbitrary path to be specified for the log file. An attacker can exploit this to write PHP code into the log file, and when the file is then accessed via the web, the code is executed.
CVSS Information
N/A
Vulnerability Type
N/A
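The root cause in both descriptions above is an unrestricted log file path. The following is an added defender-side example, not LAM's own code or its 8.7 fix: a validator that accepts an administrator-supplied log path only if it resolves inside a dedicated log directory, outside every web-served directory, and without a PHP-handled extension. The directory names and the function name are assumptions.

```php
<?php
// Added example, not LAM's own code. Validates an administrator-supplied log
// file path before the application appends anything to it. Assumptions:
// $allowedDir is the only directory logs may live in, and $webRoots lists the
// web server's document roots; neither value is taken from LAM.
function isSafeLogPath(string $candidate, string $allowedDir, array $webRoots): bool
{
    if (strpos($candidate, "\0") !== false) {
        return false;                       // NUL byte: path truncation trick
    }
    // Resolve symlinks. If the file does not exist yet, resolve its parent and
    // re-attach the file name so a symlinked directory is still caught.
    if (file_exists($candidate)) {
        $target = realpath($candidate);
    } else {
        $parent = realpath(dirname($candidate));
        $target = $parent === false ? false : $parent . DIRECTORY_SEPARATOR . basename($candidate);
    }
    if ($target === false || is_dir($target)) {
        return false;                       // missing parent directory, or a directory
    }
    $withSlash = static fn(string $p): string => rtrim($p, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

    // 1. Must sit inside the allowed log directory (defeats ../ traversal).
    $allowed = realpath($allowedDir);
    if ($allowed === false || strncmp($target, $withSlash($allowed), strlen($withSlash($allowed))) !== 0) {
        return false;
    }
    // 2. Must not sit under any directory the web server serves.
    foreach ($webRoots as $root) {
        $real = realpath($root);
        if ($real !== false && strncmp($target, $withSlash($real), strlen($withSlash($real))) === 0) {
            return false;
        }
    }
    // 3. Must not carry an extension the web server could hand to PHP.
    $ext = strtolower(pathinfo($target, PATHINFO_EXTENSION));
    return !in_array($ext, ['php', 'phtml', 'phar', 'php3', 'php5', 'php7', 'phps'], true);
}

// Constructed examples (directories are assumptions, not LAM defaults):
var_dump(isSafeLogPath('/var/log/lam/lam.log', '/var/log/lam', ['/var/www']));            // true when /var/log/lam exists
var_dump(isSafeLogPath('/var/log/lam/../../www/html/x.php', '/var/log/lam', ['/var/www'])); // false
```

The check complements, rather than replaces, the advisory's workaround of restricting who can reach the configuration pages, since the master configuration password is still the gate to the setting.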