CVE-2021-42561 PoC — Caldera 注入漏洞

Source

https://github.com/mbadanoiu/CVE-2021-42561

Associated Vulnerability

Title:Caldera 注入漏洞 (CVE-2021-42561)
Description:Caldera是法国Caldera公司的一套能够为打印机设备提供色彩管理、成像和处理解决方案的软件。 Caldera 中存在注入漏洞，该漏洞源于产品的Human插件未对传递给python的name进行进行有效过滤。攻击者可通过``和$()执行任意shell命令。以下产品及版本受到影响： CALDERA 2.8.1。

Description

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

Readme

# CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

In Caldera (versions <=2.8.1) the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allow attackers to use shell metacharacters (e.g. backticks "``" or dollar parenthesis "$()" ) in order to escape the current command and execute arbitrary shell commands. 

### Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found [here](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42561).

### Requirements:

This vulnerability requires:
<br/>
- Valid user credentials

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2021-42561/blob/main/Caldera%20-%20CVE-2021-42561.pdf).

File Snapshot


 [4.0K]  /data/pocs/fdc301b255903f35c257a6e92942a9a50f07be6d
├── [2.3M]  Caldera - CVE-2021-42561.pdf
└── [ 790]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!