Authenticated OS Command Execution Vulnerability in HomeAutomation 3.3.2 with Custom Command v0.1 Plugin

Authenticated OS Command Execution Vulnerability in HomeAutomation 3.3.2 with Custom Command v0.1 Plugin

CVE-2020-22000 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'set_command_on' and 'set_command_off' POST parameters in '/system/systemplugins/customcommand/customcommand.plugin.php' by using an unsanitized PHP exec() function.

Learn more about our Web App Pen Testing.