Published: 04/03/2018 Updated: 11/04/2024

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 up to and including 5.0.24 and 6.0.0 up to and including 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server during package installation. NOTE: the vendor disputes this issue stating "the behaviour is as designed and needed for different packages to be installed", "there is a security warning if the package is not verified by OTRS Group", and "there is the possibility and responsibility of an admin to check packages before installation which is possible as they are not binary.

Vulnerable Product	Search on Vulmon	Subscribe to Product
otrs otrs 6.0.0
otrs otrs 6.0.1
otrs otrs

OTRS versions 500 through 5024 and 600 through 601 suffer from remote code execution vulnerabilities ...

CWE-434 https://0day.today/exploit/29938 https://nvd.nist.gov https://packetstormsecurity.com/files/146639/OTRS-Command-Injection.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-7567

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect