Description: Authenticated command execution via command injection.
Versions Affected: 9.0
Researcher: Dwight Hohnstein (https://twitter.com/djhohnstein)
Disclosure Link: https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-2/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2017-7283
An attacker can execute arbitrary commands on the machine once logged into the web application. You can do so by including a malicious command as a filename in your list of filenames.
Parameters:
filenames - Command you want to execute. Aka {"filenames": ["'\nsleep 10\n"]}
Headers required:
AuthToken - Cookie "token" given to you at login
python CVE-2017-7283.py -u TARGET -U USER -P PASSWORD