Open openrefactory opened 1 year ago
There are two other places where the same tainted data flows. In total there are three places in code where port is being assigned from request.form and used in a taint sink subprocess.check_output.
All of them are marked.
In file: api_hypervisors.py, there is a method that is vulnerable to attacks which can execute arbitrary operating system(OS) commands. Here is the flow in the code that leads to the possible OS Command Injection.
The taint starts from HypervisorsView.py file, line 84. Here variable port is assigned a tainted value from an external source.
In that same file (HypervisorsView.py), line 129, the tainted information is passed through a method call via port to the formal parameter port of the method.
Then in api_hypervisors.py file, line 103, the tainted information is passed through a method call via port to the formal parameter port of the method. Similarly the information passes in line 172 of the same file.
Finally, in line 306, the tainted information is passed through a method invocation and is used in a sink.
The data should be sanitized to remove the problem. No fix was given.