Headline
CVE-2022-44039
Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of “fopen” system function with the mode “wb” which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.
CVE ID: CVE-2022-44039 Author: Momen Eldawakhly (Cyber Guy) Vendor: Franklin Fueling System Product: FFS Colibri Version: 1.9.22.8925 Vulnerability: Out-of-band Filesystem Rewrite Description: > An attacker can overwrite system files like [system.conf] and [passwd], > this occurs because the insecure usage of “fopen” system function with > the mode “wb” which allows overwriting file if exists. Overwriting > files such as passwd, allows an attacker to escalate his privileges by > planting backdoor user with root privilege or change root password. Resources: - https://github.com/Cyber-Guy1/Papers/raw/main/Privilege%20Escalation%20for%20Outsiders%20and%20External%20Threat%20Actors%20-%20Paper.pdf - https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-44039 - https://drive.google.com/drive/folders/16UDEzrBTSVqmL6I9dOsGKoZT11EPp19u
Related news
Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution vulnerability via the scriptRunner.cgi component.