This exploit leverages a command injection vulnerability in ALCASAR's web UI via the HTTP Host header, allowing unauthenticated remote code execution as the Apache user. It then escalates privileges to root by modifying the sudoers file using sudo-enabled binaries like openssl.
Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:ALCASAR <= 2.8
No auth needed
Prerequisites:Network access to the ALCASAR web interface