This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Remote Command Injection in GoAutoDial GoAdmin CE. π₯ **Consequences**: Attackers can execute arbitrary OS commands on the server via the `go_site.php` script. This leads to full system compromise.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: Improper input validation in the `cpanel` function within `go_site.php`.β¦
π **Public Exploits**: **YES**. π **References**: Exploit-DB IDs **42296** and **36807** are available. π **Wild Exploitation**: High risk due to available PoCs and mailing list disclosures (Bugtraq).
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for the presence of `go_site.php` in the web root. π§ͺ **Test**: Attempt to inject shell commands via the `PATH_INFO` parameter targeting the `cpanel` function.β¦
π§ **Workaround**: If patching is impossible, restrict web server access to `go_site.php` via firewall rules. π **Mitigation**: Disable `PATH_INFO` processing if supported by the web server configuration.β¦
π₯ **Urgency**: **CRITICAL**. π¨ **Priority**: **P1**. β οΈ **Reason**: Unauthenticated RCE with public exploits. Immediate patching or isolation is required to prevent immediate compromise.