CVE-2024-9166

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Sep 26, 2024 / Updated: 54d ago

010
CVSS 9.3EPSS 0.04%Critical
CVE info copied to clipboard

Summary

The vulnerability allows an unauthorized attacker to execute system commands with elevated privileges. This exploit is facilitated through the use of the 'getcommand' query within the application, enabling the attacker to gain root access.

Impact

This vulnerability has a critical severity with a CVSS v4 base score of 9.3. The impact is severe as it allows attackers to execute arbitrary system commands with root privileges. This can lead to complete system compromise, including: 1. Unauthorized access to sensitive data 2. Modification or deletion of critical system files 3. Installation of malware or backdoors 4. Potential lateral movement within the network 5. Disruption of system operations or services The attack vector is network-based, requires low complexity, and does not need user interaction or any privileges, making it highly exploitable.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

The vulnerability data does not provide specific information about the availability of a patch. Security teams should immediately check with the vendor for an available patch or security update.

Mitigation

While waiting for a patch, consider the following mitigation strategies: 1. Implement network segmentation to limit access to affected systems. 2. Apply strict input validation and sanitization, especially for the 'getcommand' query. 3. Use a Web Application Firewall (WAF) to filter malicious requests. 4. Implement the principle of least privilege for all system accounts and services. 5. Monitor system logs for any suspicious activities or command executions. 6. If possible, disable or restrict access to the vulnerable 'getcommand' functionality. 7. Conduct a thorough review of all systems that might be affected by this vulnerability. 8. Keep all systems and software up-to-date with the latest security patches.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9166. See article

Sep 26, 2024 at 2:39 PM / IT Security News
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 26, 2024 at 2:40 PM
CVE Assignment

NVD published the first details for CVE-2024-9166

Sep 26, 2024 at 5:15 PM
CVSS

A CVSS base score of 9.3 has been assigned.

Sep 26, 2024 at 5:20 PM / nvd
EPSS

EPSS Score was set to: 0.04% (Percentile: 10.3%)

Sep 27, 2024 at 9:37 AM
Static CVE Timeline Graph

Affected Systems

Apache
+null more

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection
+null more

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI