CVE-2018-17173 Scanner

LG Supersign EZ CMS is a comprehensive solution designed for digital signage management, widely used in retail, education, and corporate environments. This software is employed to create, schedule, and distribute content across a network of digital displays. Developed by LG, it provides user-friendly interfaces for seamless content management and display. It is typically deployed in environments requiring dynamic and interactive display solutions for communication and advertising. The software is integrated with various features for customization and scheduling of content. It is also designed to work in different network settings offering broad accessibility.

The Remote Code Execution (RCE) vulnerability in LG Supersign EZ CMS allows attackers to execute arbitrary code within the systems where the software is installed. This vulnerability stems from improper validation of user inputs within specific parameters. RCE vulnerabilities are critical as they give attackers the ability to run malicious code remotely, potentially compromising system integrity and confidentiality. Such vulnerabilities are sought after by attackers due to the control they can exert over affected systems. They can affect how data is processed and manipulated, often leading to system corruption. This specific RCE vulnerability might lead to unauthorized access to sensitive data.

This RCE vulnerability specifically exploits the 'sourceUri' parameter within the qsr_server/device/getThumbnail endpoint. The vulnerable endpoint accepts user-supplied input without adequate validation, providing attackers with an opportunity to execute commands. This can be done by crafting specific HTTP requests that manipulate this parameter. The vulnerability is triggered by utilizing specially crafted requests that inject malicious commands via the 'sourceUri' parameter. Attackers can leverage this flaw to run system commands by bypassing typical input sanitization that should prevent such actions. The exploitation of this vulnerability leads to a significant compromise of the system's security mechanisms.

Exploitation of this vulnerability can lead to unauthorized code execution with potentially severe consequences. Attackers could manipulate or destroy data, disrupt business operations, or use the compromised systems for further attacks within a network. The effects of exploitation might also involve data breaches exposing sensitive information to unauthorized parties. Additionally, compromised systems could be used as vectors for spreading malware or launching attacks on other systems. In environments where LG Supersign CMS is deployed as part of critical operations, this vulnerability presents significant risks to operational integrity and security.

REFERENCES

• http://mamaquieroserpentester.blogspot.com/2018/09/lg-supersign-rce-to-luna-and-back-to.html
• http://packetstormsecurity.com/files/152733/LG-Supersign-EZ-CMS-Remote-Code-Execution.html
• https://www.exploit-db.com/exploits/45448/
• https://www.exploit-db.com/exploits/46795/