Headline
dizqueTV 1.5.3 Remote Code Execution
dizqueTV version 1.5.3 suffers from a remote code execution vulnerability.
dizqueTV 1.5.3 Remote Code Execution
Posted Oct 3, 2024
Authored by Ahmed Said Saud Al-Busaidi
dizqueTV version 1.5.3 suffers from a remote code execution vulnerability.
tags | exploit, remote, code execution
SHA-256 | b18cb14167c97952ef1684789d6a48b83e5c1338a0677edc0b3eaef195497b45
Download | Favorite | View
dizqueTV 1.5.3 Remote Code Execution
# Exploit Title: dizqueTV 1.5.3 - Remote Code Execution (RCE)# Date: 9/21/2024# Exploit Author: Ahmed Said Saud Al-Busaidi# Vendor Homepage: https://github.com/vexorian/dizquetv# Version: 1.5.3# Tested on: linuxPOC:## Vulnerability DescriptiondizqueTV 1.5.3 is vulnerable to unauthorized remote code execution from attackers.## STEPS TO REPRODUCE1. go to http://localhost/#!/settings 2. now go to ffmpeg settings and change the FFMPEG Executable Path to: "; cat /etc/passwd && echo 'poc'"3. click on update4. now visit http://localhost/#!/version or click on version and you should see the content of /etc/passwd
File Tags
- ActiveX (933)
- Advisory (87,037)
- Arbitrary (17,123)
- BBS (2,859)
- Bypass (1,932)
- CGI (1,049)
- Code Execution (7,927)
- Conference (693)
- Cracker (845)
- CSRF (3,438)
- DoS (25,312)
- Encryption (2,395)
- Exploit (54,379)
- File Inclusion (4,278)
- File Upload (1,026)
- Firewall (822)
- Info Disclosure (2,927)
- Intrusion Detection (921)
- Java (3,156)
- JavaScript (908)
- Kernel (7,313)
- Local (14,866)
- Magazine (587)
- Overflow (13,229)
- Perl (1,435)
- PHP (5,293)
- Proof of Concept (2,415)
- Protocol (3,753)
- Python (1,664)
- Remote (31,931)
- Root (3,674)
- Rootkit (530)
- Ruby (643)
- Scanner (1,660)
- Security Tool (8,055)
- Shell (3,310)
- Shellcode (1,219)
- Sniffer (904)
- Spoof (2,297)
- SQL Injection (16,739)
- TCP (2,463)
- Trojan (690)
- UDP (919)
- Virus (675)
- Vulnerability (33,135)
- Web (10,147)
- Whitepaper (3,785)
- x86 (970)
- XSS (18,308)
- Other
File Archives
- October 2024
- September 2024
- August 2024
- July 2024
- June 2024
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- Older
Systems
- AIX (430)
- Apple (2,115)
- BSD (378)
- CentOS (61)
- Cisco (1,954)
- Debian (7,132)
- Fedora (1,693)
- FreeBSD (1,247)
- Gentoo (4,599)
- HPUX (881)
- iOS (390)
- iPhone (108)
- IRIX (220)
- Juniper (71)
- Linux (51,415)
- Mac OS X (696)
- Mandriva (3,105)
- NetBSD (256)
- OpenBSD (490)
- RedHat (16,936)
- Slackware (941)
- Solaris (1,615)
- SUSE (1,444)
- Ubuntu (9,896)
- UNIX (9,464)
- UnixWare (188)
- Windows (6,782)
- Other