An issue exists in Tyto Sahi Pro 6.x up to and including 8.0.0. TestRunner_Non_distributed (and the distributed end points) does not have any authentication mechanism. This allows a malicious user to execute an arbitrary script on the remote Sahi Pro server. There is also a password-protected web interface intended for remote access to scripts. This web interface lacks server-side validation, which allows a malicious user to create/modify/delete a script remotely without any password. Chaining both of these issues results in remote code execution on the Sahi Pro server.