A remote command execution vulnerability has been discovered in DaillyTools v1, software developed by Islamoc and available on GitHub. The vulnerability was identified by indoushka, who tested the software on Windows 10 with Mozilla Firefox 64.0.2 (32-bit).
The vulnerability allows an attacker to remotely execute arbitrary commands on the affected system, which can lead to unauthorized access, data theft, and compromise of the entire system. The flaw is in the PHP_Comments.php file, on line 20, where the “exec” function is called with the variable $arr; as the PoC below shows, the value of $arr is supplied through the arr request parameter.
To demonstrate the vulnerability, the following Proof of Concept (PoC) was provided: PHP_Comments.php?arr=pwd. This PoC executes the “pwd” command, which is used to print the current working directory.
It is important to note that this vulnerability can be easily exploited by any attacker who can reach the application over the internet. Search engines like Google can be used to find instances of DaillyTools v1, after which the vulnerable PHP_Comments.php file can be targeted to execute arbitrary commands.
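Because the request shape in the PoC is fixed (PHP_Comments.php with an arr parameter), web server access logs can be reviewed for it. The following Python script is an added example, not part of the original advisory or of the DaillyTools code; it assumes the Apache/nginx combined log format, and the function name find_hits, the /DaillyTools/ install path and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
SCRIPT = "php_comments.php"  # file named in the advisory, lowercased
PARAM = "arr"                # parameter used in the advisory's PoC

# Constructed sample entries; the install paths are assumptions.
SAMPLE = [
    '203.0.113.7 - - [10/Jan/2019:12:00:01 +0000] "GET /DaillyTools/PHP_Comments.php?arr=pwd HTTP/1.1" 200 31 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jan/2019:12:00:09 +0000] "GET /dailly/php_comments.php?x=1&arr=%70wd HTTP/1.1" 200 31 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2019:12:01:00 +0000] "GET /DaillyTools/index.php?arr=1 HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2019:12:02:00 +0000] "GET /DaillyTools/PHP_Comments.php HTTP/1.1" 200 120 "-" "Mozilla/5.0"',
]


def find_hits(lines):
    """Return one record per logged request that passes `arr` to the script."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not access-log entries
        url = urlsplit(m["target"])
        # Decode the path and compare lowercased segments: the advisory's test
        # host was Windows, where file names are case-insensitive, and PHP may
        # still run the script when extra path info follows it.
        segments = unquote(url.path).lower().split("/")
        if SCRIPT not in segments:
            continue
        # parse_qs percent-decodes values; keep_blank_values keeps "arr=".
        for key, values in parse_qs(url.query, keep_blank_values=True).items():
            if key.split("[", 1)[0] != PARAM:  # also matches arr[]=...
                continue
            for value in values:
                hits.append({"ip": m["ip"], "time": m["ts"],
                             "status": int(m["status"]), "value": value})
    return hits


if __name__ == "__main__":
    for hit in find_hits(SAMPLE):
        print(hit)
```

A hit only shows that the parameter was sent, so the logged value and status code still need review. Parameters sent in a POST body do not appear in access logs and are not covered by this check.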
Upon discovery of this vulnerability, it is recommended that users of DaillyTools v1 take immediate action to mitigate the risk. This can be done by updating to the latest version of the software, if available, or by implementing any security patches or fixes provided by the vendor.
Additionally, users should be cautious when visiting websites or downloading files from unknown or untrusted sources. It is always important to verify the authenticity and integrity of software before installing or running it on a system.
Furthermore, the developer, Islamoc, should address this vulnerability as a high priority and work towards releasing a patch or an updated version of DaillyTools v1 that resolves this issue. Regular security audits and code reviews should also be conducted to identify and fix any potential vulnerabilities in the software.
In conclusion, the remote command execution vulnerability in DaillyTools v1 poses a serious threat to the security and integrity of affected systems. Users are strongly advised to take immediate action to mitigate the risk and ensure the safety of their systems and data.

