Vulnerability Title: meterN v1.2.3 Authenticated Remote Command Execution Vulnerability
Advisory ID: ZSL-2021-5690
Type: Local/Remote
Impact: System Access, DoS, Cross-Site Scripting
Risk: (4/5)
Release Date: 13.12.2021

Description:
The application suffers from an authenticated OS command execution vulnerability. It can be exploited to execute arbitrary commands through the 'COMMANDx' and 'LIVECOMMANDx' POST parameters in the admin_meter2.php and admin_indicator2.php scripts, which perform no validity checks to verify the requests.

Vendor: Jean-Marc Louviaux - https://www.metern.org
Affected Version: 1.2.3 and 0.8.3.2
Tested On: Apache/2.4.10 (Raspbian), Apache/2.4.46 (Win64), Linux 4.9.67-v7+ GNU/Linux (armv7l), Microsoft Windows 10 Home (10.0.19042 Build 19042), PHP/7.2.33
Vendor Status: [14.01.2022] Vendor releases version 1.2.4.1 to address this issue
PoC: metern_cmdexec.html
Vulnerability discovered by: Gjoko Krstic

References:
[1] https://packetstormsecurity.com/files/165273/
[2] https://www.exploit-db.com/exploits/50596
[3] https://exchange.xforce.ibmcloud.com/vulnerabilities/215320
[4] https://cxsecurity.com/issue/WLB-2021120071
[5] https://github.com/jeanmarc77/meterN/commit/fb8fba1e681402282b014d4d139caaa7a54cf587
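The weakness the advisory describes is an admin script that accepts a shell command from a POST parameter and acts on it without checking that the request actually came from the authenticated operator's own form. The following PHP is an added illustration, not meterN's code and not the vendor's fix: it shows the unsafe pattern beside a hardened handler that binds the form to a per-session anti-CSRF token, requires a same-origin Origin/Referer header, and escapes the stored value before echoing it back. The parameter name COMMAND1 is taken from the advisory's 'COMMANDx' family; the function names, the session key and the storage helper are hypothetical.

```php
<?php
// Added example (not meterN's code). Shows an unsafe admin handler and a
// hardened one for a form that stores an operator-configured shell command.

session_start();

/* ---- Unsafe pattern (what the advisory describes, in generic form) ---- */
function unsafe_handler(): void
{
    // Any POST that reaches this script is trusted: no token, no origin check.
    // A cross-site form submitted by an authenticated admin's browser lands here.
    $cmd = $_POST['COMMAND1'] ?? '';
    shell_exec($cmd);   // user-controlled string handed straight to a shell
}

/* ---- Hardened pattern ---- */

// Per-session anti-CSRF token (hypothetical session key 'csrf_token').
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison of the submitted token with the session token.
function csrf_valid($submitted): bool
{
    return is_string($submitted)
        && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Require that the Origin (or, failing that, Referer) host matches our own host,
// so a token that somehow leaked still cannot be replayed from another site.
function same_origin(): bool
{
    $ownHost = strtolower(explode(':', $_SERVER['HTTP_HOST'] ?? '')[0]);
    $source  = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    $srcHost = parse_url($source, PHP_URL_HOST);
    return $ownHost !== '' && is_string($srcHost) && strtolower($srcHost) === $ownHost;
}

// Hypothetical persistence helper: the command is stored for the meter reader,
// it is never executed as part of handling the admin form submission.
function save_meter_command(string $cmd): void
{
    $_SESSION['stored_command'] = $cmd;
}

function hardened_handler(): void
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        return;
    }
    if (!csrf_valid($_POST['csrf_token'] ?? null) || !same_origin()) {
        http_response_code(403);
        exit('Request rejected: missing or invalid request token');
    }
    $cmd = $_POST['COMMAND1'] ?? '';
    // Reject control characters and keep the value bounded; the exact policy
    // depends on what the meter reader legitimately needs to run.
    if ($cmd === '' || strlen($cmd) > 512 || preg_match('/[\x00-\x1f\x7f]/', $cmd)) {
        http_response_code(400);
        exit('Request rejected: invalid command value');
    }
    save_meter_command($cmd);
}

// Render the admin form with the token embedded and the stored value escaped,
// which also closes the reflected-XSS angle listed under Impact.
function render_form(): string
{
    $stored = htmlspecialchars($_SESSION['stored_command'] ?? '', ENT_QUOTES, 'UTF-8');
    $token  = htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8');
    return '<form method="post">'
         . '<input type="hidden" name="csrf_token" value="' . $token . '">'
         . '<input type="text" name="COMMAND1" value="' . $stored . '">'
         . '<button type="submit">Save</button></form>';
}

hardened_handler();
echo render_form();
```

The token check is what stops a forged cross-site POST; the origin check is defence in depth, and the length and control-character filter limits what an operator can store even through a genuine request. Because the command is legitimately operator-configured in this kind of application, the handler stores rather than executes it, and execution of stored commands remains a separate, non-web-facing step.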