CVE-2023-26802 Scanner
CVE-2023-26802 Scanner - Command Injection vulnerability in DCN DCBI-Netlog-LAB
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
26 days 4 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
DCN DCBI-Netlog-LAB is used by network administrators for configuring network settings and managing security protocols. It is designed to facilitate secure network operations and enhance the efficiency of network management. The software is commonly utilized by medium to large enterprises to streamline network administration tasks. It integrates seamlessly with existing infrastructure, supporting scalability and robust security measures. Organizations rely on this product to ensure network reliability and integrity. Given its comprehensive features, it is a critical component in the network management toolkit of many IT professionals.
Command Injection is a critical vulnerability where an attacker can inject arbitrary commands into a program, allowing unauthorized execution of commands. This specific vulnerability in DCN DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and exploit the network configuration component. Once exploited, it provides unauthorized command execution capabilities on the server. This flaw is especially concerning due to its remote access potential, requiring no prior authentication. The injection can be executed via specially crafted requests that manipulate system commands. Command Injection compromises the security and reliability of the affected systems.
The vulnerability resides in the network configuration endpoint /network_config/nsg_masq.cgi of the DCN DCBI-Netlog-LAB. Attackers can manipulate parameters such as user_name and session_id to inject commands. The crafted request enables attackers to execute arbitrary commands, utilizing the HTTP GET method. By crafting a specific request payload, attackers exploit the command injection flaw without needing authentication. This can lead to manipulation of the system by appending shell commands to HTTP parameters. The vulnerability affects all instances running version 1.0 of the product.
When exploited, this Command Injection vulnerability can lead to unauthorized command execution on the server, potentially resulting in system compromise. Attackers may gain control over the affected system, leading to data breaches and unauthorized access to sensitive information. Additionally, it might allow the attacker to escalate privileges, pivot within the network, and deploy further payloads. The integrity, confidentiality, and availability of the affected systems are at significant risk. Organizations could face operational disruptions, financial losses, and reputational damage due to this vulnerability.