Vulnerabilities > CVE-2013-3502 - Credentials Management vulnerability in Gwos Groundwork Monitor 6.7.0

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
gwos
CWE-255
exploit available
metasploit
NVD
Published: 2013-05-08
Updated: 2013-11-03

Summary

monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by leveraging a JOSSO SSO cookie.

Vulnerable Configurations

Part Description Count
Application
Gwos
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionGroundWork monarch_scan.cgi OS Command Injection. CVE-2013-3502. Remote exploit for linux platform
fileexploits/linux/remote/25001.rb
idEDB-ID:25001
last seen2016-02-03
modified2013-04-25
platformlinux
port
published2013-04-25
reportermetasploit
sourcehttps://www.exploit-db.com/download/25001/
titleGroundWork monarch_scan.cgi OS Command Injection
typeremote

Metasploit

descriptionThis module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in the monarch_scan.cgi where user controlled input is used in the perl qx function. This allows any remote authenticated attacker, regardless of privileges, to inject system commands and gain arbitrary code execution. The module has been tested successfully on GroundWork 6.7.0-br287-gw1571 as distributed within the Ubuntu 10.04 based VM appliance.
idMSF:EXPLOIT/LINUX/HTTP/GROUNDWORK_MONARCH_CMD_EXEC
last seen2020-04-11
modified2017-07-24
published2013-04-24
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/linux/http/groundwork_monarch_cmd_exec.rb
titleGroundWork monarch_scan.cgi OS Command Injection

References