OS Command Injection in reNgine through 2.0.2 via WAF Detector URL Parameter
CVE-2023-50094 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
reNgine through 2.0.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell metacharacters in an api/tools/waf_detector/?url= string. The commands are executed as root via subprocess.check_output.
Learn more about our Api Penetration Testing.