CVE-2023-7116 Scanner
CVE-2023-7116 Scanner - OS Command Injection vulnerability in WeiYe-Jing datax-web
Short Info
Level
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
23 days 17 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
The WeiYe-Jing datax-web is a software project used for managing data transfer jobs in various computing environments. Utilized by developers and data engineers, it facilitates tasks like data import, export, and synchronization. The software's primary audience includes organizations dealing with large-scale data processing and management. With a web interface, it allows users to schedule and monitor data transfer jobs across different systems. The WeiYe-Jing datax-web is designed to integrate seamlessly with various data sources, enhancing its utility across different sectors. Popular among enterprise environments, it serves as a critical component in data management workflows.
The OS Command Injection vulnerability allows attackers to execute arbitrary commands on the host system running the vulnerable software. This critical vulnerability can be exploited through manipulation of the software's input fields, specifically targeting the 'processId' parameter in the HTTP POST Request Handler. As attackers can perform command injections remotely, this poses significant risks to the host system. The vulnerability is identified with high severity due to its potential impact on confidentiality, integrity, and availability. Public disclosure of the exploit increases the risk of it being used maliciously.
The vulnerability in WeiYe-Jing datax-web involves the 'processId' parameter within the '/api/log/killJob' endpoint. By manipulating this parameter, attackers can inject commands that the system will execute. This happens because the software's input validation and sanitization mechanisms fail to adequately filter special characters or control sequences. Frequent exploitation activity includes commands like 'wget' to download malicious payloads from attacker-controlled servers. It's critical to note that the attack does not require user interaction and can be conducted with low privileges, making it easier for attackers. The exploitability stems from the software's handling of HTTP POST requests.
When exploited, this vulnerability can lead to severe consequences for the compromised system. Attackers may gain unauthorized control over the system, allowing them to deploy malware or extract sensitive information. The integrity of the system's data may be compromised, leading to potential data corruption or loss. Furthermore, the system's availability could be affected, resulting in downtime or disrupted services. Additionally, attackers could leverage the system's resources to conduct further attacks, amplifying the security threat across networks. Protective measures should be considered to prevent exploitation of this vulnerability.