Vulnerability-Lookup

CNVD-2020-11485

Vulnerability from cnvd - Published: 2020-02-21

Title

IXP EasyInstall操作系统命令注入漏洞

Description

IXP EasyInstall是用来下载安装python的一个第三方库管理工具,通过这个工具可以很方便的对Python中的第三方库进行管理。 IXP EasyInstall6.2.13723版本存在操作系统命令注入漏洞。该漏洞与受影响版本在外部输入数据构造操作系统可执行命令过程中未能正确过滤其中的特殊字符有关。可以通过TCP端口20051与代理服务进行通信，并通过使用“执行命令行”功能在目标系统的NT AUTHORITY SYSTEM上下文中执行代码。未经身份验证的攻击者可利用该漏洞执行非法操作系统命令。

Severity

低

Patch Name

IXP EasyInstall操作系统命令注入漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-19897

Impacted products

Name
IXP IXP EasyInstall 6.2.13723

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-19897",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-19897"
    }
  },
  "description": "IXP EasyInstall\u662f\u7528\u6765\u4e0b\u8f7d\u5b89\u88c5python\u7684\u4e00\u4e2a\u7b2c\u4e09\u65b9\u5e93\u7ba1\u7406\u5de5\u5177,\u901a\u8fc7\u8fd9\u4e2a\u5de5\u5177\u53ef\u4ee5\u5f88\u65b9\u4fbf\u7684\u5bf9Python\u4e2d\u7684\u7b2c\u4e09\u65b9\u5e93\u8fdb\u884c\u7ba1\u7406\u3002\n\nIXP EasyInstall6.2.13723\u7248\u672c\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4e0e\u53d7\u5f71\u54cd\u7248\u672c\u5728\u5916\u90e8\u8f93\u5165\u6570\u636e\u6784\u9020\u64cd\u4f5c\u7cfb\u7edf\u53ef\u6267\u884c\u547d\u4ee4\u8fc7\u7a0b\u4e2d\u672a\u80fd\u6b63\u786e\u8fc7\u6ee4\u5176\u4e2d\u7684\u7279\u6b8a\u5b57\u7b26\u6709\u5173\u3002\u53ef\u4ee5\u901a\u8fc7TCP\u7aef\u53e320051\u4e0e\u4ee3\u7406\u670d\u52a1\u8fdb\u884c\u901a\u4fe1\uff0c\u5e76\u901a\u8fc7\u4f7f\u7528\u201c\u6267\u884c\u547d\u4ee4\u884c\u201d\u529f\u80fd\u5728\u76ee\u6807\u7cfb\u7edf\u7684NT AUTHORITY  SYSTEM\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u975e\u6cd5\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-11485",
  "openTime": "2020-02-21",
  "patchDescription": "IXP EasyInstall\u662f\u7528\u6765\u4e0b\u8f7d\u5b89\u88c5python\u7684\u4e00\u4e2a\u7b2c\u4e09\u65b9\u5e93\u7ba1\u7406\u5de5\u5177,\u901a\u8fc7\u8fd9\u4e2a\u5de5\u5177\u53ef\u4ee5\u5f88\u65b9\u4fbf\u7684\u5bf9Python\u4e2d\u7684\u7b2c\u4e09\u65b9\u5e93\u8fdb\u884c\u7ba1\u7406\u3002\n\nIXP EasyInstall6.2.13723\u7248\u672c\u5b58\u5728\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u4e0e\u53d7\u5f71\u54cd\u7248\u672c\u5728\u5916\u90e8\u8f93\u5165\u6570\u636e\u6784\u9020\u64cd\u4f5c\u7cfb\u7edf\u53ef\u6267\u884c\u547d\u4ee4\u8fc7\u7a0b\u4e2d\u672a\u80fd\u6b63\u786e\u8fc7\u6ee4\u5176\u4e2d\u7684\u7279\u6b8a\u5b57\u7b26\u6709\u5173\u3002\u53ef\u4ee5\u901a\u8fc7TCP\u7aef\u53e320051\u4e0e\u4ee3\u7406\u670d\u52a1\u8fdb\u884c\u901a\u4fe1\uff0c\u5e76\u901a\u8fc7\u4f7f\u7528\u201c\u6267\u884c\u547d\u4ee4\u884c\u201d\u529f\u80fd\u5728\u76ee\u6807\u7cfb\u7edf\u7684NT AUTHORITY  SYSTEM\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4ee3\u7801\u3002\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u975e\u6cd5\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IXP EasyInstall\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "IXP IXP EasyInstall 6.2.13723"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-19897",
  "serverity": "\u4f4e",
  "submitTime": "2020-02-19",
  "title": "IXP EasyInstall\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e"
}

CVE-2019-19897 (GCVE-0-2019-19897)

Vulnerability from cvelistv5 – Published: 2020-01-23 20:54 – Updated: 2024-08-05 02:32

Summary

In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\SYSTEM context of the target system by using the Execute Command Line function.

Severity ?

10 (Critical)


                        
                          CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N

CWE

Assigner

mitre

References

URL

Tags

https://improsec.com/tech-blog/multiple-vulnerabi…

x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:32:09.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\\SYSTEM context of the target system by using the Execute Command Line function."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-23T20:54:44.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19897",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\\SYSTEM context of the target system by using the Execute Command Line function."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AC:L/AV:N/A:H/C:H/I:H/PR:N/S:C/UI:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software",
              "refsource": "MISC",
              "url": "https://improsec.com/tech-blog/multiple-vulnerabilities-in-easyinstall-rmm-and-deployment-software"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19897",
    "datePublished": "2020-01-23T20:54:44.000Z",
    "dateReserved": "2019-12-18T00:00:00.000Z",
    "dateUpdated": "2024-08-05T02:32:09.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2020-11485

CVE-2019-19897 (GCVE-0-2019-19897)

Tags

Sightings

Nomenclature