OS Command Injection in reNgine through 2.0.2 via WAF Detector URL Parameter
CVE-2023-50094 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

reNgine through 2.0.2 allows OS command injection by an adversary who holds a valid session ID. The attack places shell metacharacters in the url= parameter of the api/tools/waf_detector/ endpoint; the parameter value reaches subprocess.check_output unsanitized, and the injected commands are executed as root.
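The defensive pattern for this bug class, as an added illustration that is not reNgine's code: the scan target is validated against a conservative allow-list and then passed to subprocess as a single argv entry, so no shell ever tokenises it. The detector binary is not named on the page, so `printf` stands in for it here (an assumption); the `is_safe_target`, `build_argv` and `run_detector` names are hypothetical.

```python
import re
import subprocess
from urllib.parse import urlsplit

# Conservative allow-list for a scan target: scheme, host, port, path and
# query characters only. Shell metacharacters such as ; | & ` $ ( ) are
# deliberately absent, so they fail validation before any command is built.
_ALLOWED = re.compile(r"[A-Za-z0-9\-._~:/?=&%+]+")


def is_safe_target(url: str) -> bool:
    """True only for a plain http(s) URL with a hostname and allow-listed characters."""
    if not _ALLOWED.fullmatch(url):
        return False
    parts = urlsplit(url)
    return parts.scheme in ("http", "https") and bool(parts.hostname)


def build_argv(tool: list[str], url: str) -> list[str]:
    """Return the command as an argument list.

    The URL becomes exactly one argv entry, so even a value that slipped past
    the allow-list would reach the tool as a literal argument, never as shell
    syntax. The vulnerable shape this replaces is a formatted string handed to
    check_output(..., shell=True).
    """
    if not is_safe_target(url):
        raise ValueError("rejected scan target")
    return [*tool, url]


def run_detector(url: str, tool: tuple[str, ...] = ("printf", "%s\\n")) -> str:
    """Run the detector on a validated URL without shell=True.

    `tool` is a stand-in (printf simply echoes the argument back); a real
    deployment would name the detector binary and run the worker as an
    unprivileged user rather than root, so a future bypass cannot escalate.
    """
    argv = build_argv(list(tool), url)
    return subprocess.check_output(argv, text=True, timeout=30).strip()
```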