Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2017-16921 — OS Command Injection in OTRS
Severity
8.8 HIGH (NVD)
EPSS
33.9%
top 3.03%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
Published: Dec 8
Latest update: May 13
Description
In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, and OTRS 4.0.x up to and including 4.0.26, an attacker who is logged into OTRS as an agent can manipulate form parameters (related to PGP) and execute arbitrary shell commands with the permissions of the OTRS or web server user.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9
Affected Packages (2 packages)
Also affects: Debian Linux 7.0, 8.0, 9.0
Patches
Debian
CVE-2017-16921: otrs2 - In OTRS 6.0.x up to and including 6.0.1, OTRS 5.0.x up to and including 5.0.24, ... (2017)