CVE-2015-2844
GoAutoDial GoAdmin CE - Remote Code Execution via cpanel PATH_INFO Parameter
Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-2844. PoCs published by Chris McCurley.
AI-analyzed exploit summary: The exploit demonstrates multiple vulnerabilities in GoAutoDial 3.3, including SQL injection for authentication bypass, arbitrary file upload, and command injection leading to remote code execution (RCE). The PoC includes clear examples of malicious payloads and techniques to achieve RCE and privilege escalation.
Description
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1420434000 allows remote attackers to execute arbitrary commands via the $action portion of the PATH_INFO.