By kannthu
The "Sangfor BA - Remote Code Execution" module detects a critical vulnerability in Sangfor products that allows remote unauthenticated users to execute arbitrary commands. The vulnerability is rated critical, with a CVSS score of 10.
This module was authored by ritikchaddha.
If exploited, this vulnerability can lead to unauthorized remote code execution on Sangfor products. Attackers can execute arbitrary commands, potentially gaining full control over the affected system. This can result in severe consequences, including data breaches, unauthorized access, and system compromise.
The "Sangfor BA - Remote Code Execution" module works by sending an HTTP request to the targeted Sangfor product. The request is made to the "/tool/log/c.php" path with a parameter that includes a randomly generated alphanumeric string. The module then checks the response for two matching conditions:
If both conditions are met, the module reports a vulnerability, indicating that the Sangfor product is susceptible to remote code execution.
Example HTTP request:
GET /tool/log/c.php?strip_slashes=md5&host={%randTextAlphanumeric(10)%} HTTP/1.1
Host: [target host]
Note: The actual HTTP request may contain additional headers or parameters not shown in this example.
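The following is an added example, not part of the module or the original page: a log check a defender can run to find requests that match the one shown above. It assumes access logs in the Apache/nginx combined format (for instance from a reverse proxy in front of the device); the helper name `find_probes` and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path and parameter name are taken from the example request on this page.
PROBE_PATH = "/tool/log/c.php"
PROBE_PARAM = "strip_slashes"

# Assumption: "combined" access-log lines (Apache/nginx style).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_probes(lines):  # hypothetical helper name
    """Return one record per logged request that matches the module's request."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed format
        url = urlsplit(m["target"])
        # Decode %xx, fold case and collapse "//" so trivial variants still match.
        path = re.sub(r"/+", "/", unquote(url.path)).lower()
        params = {k.lower() for k in parse_qs(url.query, keep_blank_values=True)}
        if path != PROBE_PATH or PROBE_PARAM not in params:
            continue
        hits.append({
            "ip": m["ip"],
            "time": m["ts"],
            "status": int(m["status"]),
            # A 200 means the endpoint exists and answered: triage that host first.
            "answered": m["status"] == "200",
        })
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "GET /tool/log/c.php?strip_slashes=md5&host=a1B2c3D4e5 HTTP/1.1" 200 32 "-" "-"',
    '198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:14:02:11 +0000] "GET /tool/log/%63.php?STRIP_SLASHES=md5&host=x HTTP/1.1" 404 0 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:14:02:12 +0000] "GET /tool/log/c.php HTTP/1.1" 403 0 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(hit)
```

Any hit with "answered" set to True identifies a host where the endpoint responded and which should be patched and reviewed first.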
It is important to address this vulnerability promptly by applying the necessary security patches or updates provided by Sangfor to mitigate the risk of remote code execution.
For more information, refer to the reference.