CVE-2016-9587

HIGH

Ansible < 2.1.4 and < 2.2.1 - Remote Code Execution via Client Fact Data

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-9587. PoCs published by Computest.

AI-analyzed exploit summary: This is a detailed advisory and proof-of-concept for CVE-2016-9587, describing multiple methods to bypass Ansible's fact filtering to achieve command execution on the Ansible controller from a compromised host. It includes technical explanations and code snippets for six distinct bypass techniques.

Description

Ansible before versions 2.1.4 and 2.2.1 is vulnerable to improper input validation in its handling of data sent from client systems. An attacker who controls a client system managed by Ansible and can send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server with the Ansible server's privileges.

Exploits (1)

exploitdb WRITEUP
by Computest · text · remote · linux
https://www.exploit-db.com/exploits/41013


Classification: Writeup 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Ansible < 2.1.4, < 2.2.1
No auth needed
Prerequisites: Compromised host with ability to modify facts returned to Ansible controller
devstral-2 · analyzed Feb 16, 2026

References (9)

Core References
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:0515
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41013/
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201701-77
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1685
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95352
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:0448
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9587
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0195.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0260.html

Scores

CVSS v3 8.1
EPSS 0.0305
EPSS Percentile 87.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-20
Status published
Products (4)
ansible/ansible < 2.2.1
pypi/ansible 0 - 2.1.4.0 (PyPI)
redhat/ansible < 2.1.4
redhat/openstack 11
Published Apr 24, 2018
Tracked Since Feb 18, 2026