Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "OpenCPU - Remote Code Execution" module is designed to detect the presence of a remote code execution vulnerability in OpenCPU, an open-source software system for embedded scientific computing and reproducible research. This module is classified as critical severity, indicating the potential for significant harm if exploited.
This module was authored by wa1tf0rme.
If the "OpenCPU - Remote Code Execution" vulnerability is present and successfully exploited, an attacker could execute arbitrary code on the target system. This could lead to unauthorized access, data breaches, and potential compromise of the entire system.
The "OpenCPU - Remote Code Execution" module works by sending a specific HTTP request to the target system and then analyzing the response to determine if the vulnerability is present. The module uses the following matching conditions:
- The HTTP request path must match "/ocpu/library/base/R/do.call/json". - The HTTP request method must be "POST". - The HTTP request must have the "Content-Type" header set to "application/x-www-form-urlencoded". - The response must contain the words "uid=" and "gid=". - The response status code must be 201.If all of these conditions are met, the module will report a vulnerability.
Here is an example of the HTTP request sent by the module:
POST /ocpu/library/base/R/do.call/json
Content-Type: application/x-www-form-urlencoded
[request body]
It is important to note that this is just one test case performed by the Vidoc platform, which utilizes multiple modules to conduct comprehensive scanning.
For more information, you can refer to the following resources:
- https://pulsesecurity.co.nz/articles/R-Shells - https://github.com/opencpu/opencpu/Metadata: max-request: 1
Content-Type: application/x-www-fo...