Rapid7 Vulnerability & Exploit Database

Embedthis GoAhead: CVE-2017-17562: LD_PRELOAD Arbitrary Module Load RCE

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Embedthis GoAhead: CVE-2017-17562: LD_PRELOAD Arbitrary Module Load RCE

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
09/21/2017
Created
03/02/2022
Added
02/28/2022
Modified
01/12/2023

Description

Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of initializing the environment of forked CGI scripts using untrusted HTTP request parameters in the cgiHandler function in cgi.c. When combined with the glibc dynamic linker, this behaviour can be abused for remote code execution using special parameter names such as LD_PRELOAD. An attacker can POST their shared object payload in the body of the request, and reference it using /proc/self/fd/0.

Solution(s)

  • embedthis-goahead-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;