Merge branch 'ent-12753-os-command-injection' into 'develop'

Ent 12753 OS Command Injection

See merge request artica/pandorafms!6868
Rafael Ameijeiras 2024-01-24 08:15:58 +00:00
commit 5dc0e35be8
2 changed files with 10 additions and 1 deletions


@ -1335,6 +1335,15 @@ if ($perform_event_response === true) {
}
$command = $event_response['target'];
// Prevent OS command injection.
$prev_command = get_events_get_response_target($event_id, $event_response, $server_id);
if ($command !== $prev_command) {
echo __('unauthorized');
return;
}
$command_timeout = ($event_response !== false) ? $event_response['command_timeout'] : 90;
if (enterprise_installed() === true) {
if ($event_response !== false
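Review bot: The guard `if ($command !== $prev_command)` only holds if `$command` and `$prev_command` are produced by the same normalisation: `$command` is taken verbatim from `$event_response['target']`, while the helper (judging by the sibling hunk in `events_get_response_target`) returns the stored target with response parameters substituted, so either the two strings legitimately differ and every execution is rejected, or `$event_response` is itself loaded from `tevent_response` and the comparison adds little. The comment should state which source `$event_response` is assumed to come from, e.g. `// Prevent OS command injection: the command to run must equal the target rebuilt from tevent_response, not a value supplied by the caller.` The name `get_events_get_response_target` differs from `events_get_response_target` used in the other file; if that is not an existing wrapper, this call fails with an undefined-function error at runtime (fail-closed, but still a bug). `$event_response` is indexed on the line above and passed to the helper before the `!== false` check further down, so a missing response reaches the helper as `false`; the enclosing `if ($perform_event_response === true)` block starts and ends outside the hunk.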


@ -3804,7 +3804,7 @@ function events_get_response_target(
}
$event = db_get_row('tevento', 'id_evento', $event_id);
$target = io_safe_output($event_response['target']);
$target = io_safe_output(db_get_value('target', 'tevent_response', 'id', $event_response['id']));
// Replace parameters response.
if (isset($response_parameters) === true
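Review bot: The new `db_get_value('target', 'tevent_response', 'id', $event_response['id'])` lookup has no handling for a missing row: when the id matches nothing, `db_get_value` presumably returns false, `io_safe_output(false)` yields an empty or false target, and the parameter replacement below then operates on that instead of refusing. A guard such as `if ($target === false || $target === '') { return ''; }`, adapted to whatever failure convention this function already uses, would fail closed. `$event_response['id']` is used as the lookup key as-is; if it originates from the request, casting it with `(int)` before the call makes explicit that only an integer id is accepted, independent of whatever escaping `db_get_value` performs. Since the target now comes from the stored response, the caller-supplied `$event_response['target']` is ignored here, which is the intended fix and is worth stating in a one-line comment above the lookup. The enclosing `events_get_response_target` begins before and continues after this hunk.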