CVE-2021-42561 PoC — Caldera 注入漏洞

Source

https://github.com/mbadanoiu/CVE-2021-42561

Associated Vulnerability

Title:Caldera 注入漏洞 (CVE-2021-42561)
Description:An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allows attackers to use shell metacharacters (e.g., backticks "``" or dollar parenthesis "$()" ) in order to escape the current command and execute arbitrary shell commands.

Description

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

Readme

# CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

In Caldera (versions <=2.8.1) the Human plugin passes the unsanitized name parameter to a python "os.system" function. This allow attackers to use shell metacharacters (e.g. backticks "``" or dollar parenthesis "$()" ) in order to escape the current command and execute arbitrary shell commands. 

### Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found [here](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42561).

### Requirements:

This vulnerability requires:
<br/>
- Valid user credentials

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2021-42561/blob/main/Caldera%20-%20CVE-2021-42561.pdf).

File Snapshot


 [4.0K]  /data/pocs/fdc301b255903f35c257a6e92942a9a50f07be6d
├── [2.3M]  Caldera - CVE-2021-42561.pdf
└── [ 790]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!