This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Tdarr (v2.00.15) suffers from **OS Command Injection** via the Help terminal. <br>π₯ **Consequences**: Attackers can execute **arbitrary commands** on the host system.β¦
π **Privileges**: The injected commands run with the **privileges of the Tdarr process**. <br>π **Data**: Attackers can read/write files, exfiltrate sensitive data, or pivot to other internal systems.β¦
π£ **Public Exploit**: **YES**. <br>π **Source**: ExploitDB ID **50822** is available. <br>π₯ **Status**: Wild exploitation is possible since the PoC is public and requires no authentication.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Verify your Tdarr version is **2.00.15**. <br>2. Check if the **Help terminal** is exposed to the internet. <br>3. Use scanners targeting **CWE-78** in web interfaces. <br>4.β¦
π§ **No Patch Workaround**: <br>1. **Block Access**: Restrict network access to the Help terminal port (Firewall rules). <br>2. **Disable**: If possible, disable the 'Help' feature or terminal access entirely. <br>3.β¦
π¨ **Urgency**: **CRITICAL**. <br>β±οΈ **Priority**: **Immediate Action Required**. <br>π **Reason**: Unauthenticated, remote, and public exploit exists. This is a 'zero-day' style risk for any exposed instance.β¦