Description

GoAhead is a tiny, embedded web server. GoAhead is deployed in hundreds of millions of devices and is ideal for the smallest of embedded devices.

GoAhead web server versions < 3.6.5 unsafely initialize the environment of forked CGI scripts using untrusted HTTP request parameters. All users who have CGI support enabled with dynamically linked executables (CGI scripts) are affected by this vulnerability. This behavior, when combined with the glibc dynamic linker, can be abused for remote code execution using special variables such as LD_PRELOAD.

Remediation

Upgrade to the latest version of GoAhead Web Server. This vulnerability was fixed in GoAhead Web Server version 3.6.5.

References

Remote LD_PRELOAD exploitation

GoAhead Web Server

Related Vulnerabilities

WooFramework shortcode exploit

Drupal Core 7.x Remote Code Execution (7.0 - 7.74)

WordPress Plugin WP-Filebase Download Manager Remote Code Execution (0.3.0.03)

WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)

Bash code injection vulnerability

Severity

High

Classification

CVE-2017-17562 CWE-94 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Code Execution