CVE-2017-9813

MEDIUM

Kaspersky Anti-Virus for Linux File Server <8.0.4.312 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-9813. PoCs published by Core Security.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Kaspersky Anti-Virus for Linux File Server's Web Management Console, allowing remote command execution as the 'kluser' account. It also describes a privilege escalation to root via the quarantine functionality.

Description

In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS).

Exploits (1)

exploitdb WORKING POC VERIFIED

by Core Security · textwebappslinux

https://www.exploit-db.com/exploits/42269

View Code ZIP pw:eip

This exploit demonstrates a CSRF vulnerability in Kaspersky Anti-Virus for Linux File Server's Web Management Console, allowing remote command execution as the 'kluser' account. It also describes a privilege escalation to root via the quarantine functionality.

Classification

Working Poc 95%

Attack Type

Rce | Lpe

Complexity

Moderate

Reliability

Reliable

Target: Kaspersky Anti-Virus for Linux File Server 8.0.3.297

Auth required

Prerequisites: Authenticated session to the Web Management Console · Network access to the target server

MITRE ATT&CK