CVE-2020-15508 HestiaCP Command Injection & Privilege Escalation
Description
Hestiacp <1.2 is vulnerable to command Injection and Privilege Escalation.
Any Web Application User -> Admin user of the Web Application -> OS root access.
Command Injection
Due to inproper input validation leads to command injection.
Privilege Escalation Web Application Admin -> OS root
Admin user of web application can add cron jobs. Adding simple reverse shell payload is makes you root.
POC Video
Exploit
Patch commits
https://github.com/hestiacp/hestiacp/commit/5dbc398d9fb00861fc8f75767b09de8981f86a48
https://github.com/hestiacp/hestiacp/commit/d4d9c84662c2f23e79c2cdc3a92d913892fa7de0