Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration
Vulnerability Description
Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the secure_popen() function in glances/secure.py interprets > (file redirection), | (pipe), and && (command chaining) operators in command strings. These operators are applied without any validation on the target file path, piped command, or chained command. When Application Monitoring Process (AMP) modules load their command or service_cmd configuration values from glances.conf, those values are passed directly to secure_popen() with no sanitization. This allows an attacker who can modify the Glances configuration file to write arbitrary content to arbitrary filesystem paths (via >), chain arbitrary commands (via &&), or pipe command output to arbitrary programs (via |). This vulnerability is fixed in 4.5.5.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Nicolas Hennion Glances 路径遍历漏洞
Vulnerability Description
Nicolas Hennion Glances是Nicolas Hennion个人开发者的一款系统监控工具。 Nicolas Hennion Glances 4.0.8版本至4.5.5之前版本存在路径遍历漏洞,该漏洞源于secure_popen()函数对文件重定向、管道和命令链接操作符未进行验证,可能导致攻击者通过修改配置文件写入任意内容、链接任意命令或将命令输出传递给任意程序。
CVSS Information
N/A
Vulnerability Type
N/A