Execute the following commands in another terminal:
npm i node-dig-dns # Install affected module
node poc.js # Run the PoC
The output will show you the result of the ls command {F605976}
Please note that the vulnerability occurs only with a mono command, making the commands to be executed more difficult and a little impactful. Anyway, Linux is a complex ecosystem, where commands like shutdown can be used in any way to make the PoC work and a bit better.
Bug Bounty
We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/
This issue has been generated on-behalf of Mik317 (https://huntr.dev/app/users/Mik317)
Vulnerability Description
I would like to report an RCE issue in the node-dig-dns module. It allows the execution of arbitrary commands remotely inside the victim's PC. The issue occurs because a user input is formatted inside a command that will be executed without any check. The issue arises here: https://github.com/StephanGeorg/node-dig-dns/blob/master/src/index.js#L6
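The description above attributes the issue to user input being formatted into a command that is executed without any check. The JavaScript below is an added example, not code from the report or from node-dig-dns: it contrasts that string-building shape with an argument-array call that validates each value first. The function names, the flag allow-list and the hostname pattern are assumptions made for illustration.

```javascript
// Added illustration; hypothetical wrapper, not the node-dig-dns source.
const { execFile } = require('child_process');

// One DNS label: letters, digits, '_' and inner '-'; never a leading '-'.
const LABEL = '[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?';
const HOSTNAME = new RegExp(`^(?=.{1,253}$)(?:${LABEL}\\.)*${LABEL}\\.?$`, 'i');
// Query options this wrapper chooses to expose (constructed allow-list).
const DIG_FLAGS = new Set(['+short', '+tcp', '+dnssec', '+noall', '+answer']);

// Vulnerable shape: caller input is pasted into one string for a shell.
function unsafeCommandString(args) {
  return `dig ${args.join(' ')}`; // would be handed to child_process.exec
}

// Hardened shape, step 1: every argument must match a known-good form.
function validateDigArgs(args) {
  if (!Array.isArray(args) || args.length === 0) {
    throw new TypeError('args must be a non-empty array');
  }
  return args.map((raw) => {
    const arg = String(raw);
    if (DIG_FLAGS.has(arg)) return arg; // allowed option
    if (arg.startsWith('@') && HOSTNAME.test(arg.slice(1))) return arg; // resolver
    if (HOSTNAME.test(arg)) return arg; // query name or record type
    throw new Error(`rejected dig argument: ${JSON.stringify(arg)}`);
  });
}

// Hardened shape, step 2: execFile passes argv straight to the binary, so
// no shell ever interprets ';', '|', '$()' or backticks in the input.
function safeDig(args, callback) {
  return execFile('dig', validateDigArgs(args), { timeout: 5000 }, callback);
}
```

Rejecting a leading `-` matters even without a shell, because the binary itself would read such a value as an option rather than a name.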