skip to content
Yupy Syntax

CVE-2018-1335 - Write Up

/ 2 min read

Last Updated:
cve

CVE-2018-1335 WriteUps

Haii!! How are you?!!

This time I will share an article about findings I found on a website that is vulnerable to the CVE-2018-1335 vulnerability. okay, let’s get straight to it.

Details Information Vulnerability:

The type of vulnerability we’re discussing here is known as command injection. This occurs when an application that is susceptible to attack does not properly sanitize user input before passing it to the system shell, thereby enabling the execution of harmful code. When we contrast this with code injection, we can identify several distinctions. For instance, code injection gives the attacker the ability to introduce their own code that the application then executes. However, in the case of command injection, the attacker alters the application’s functionality, which permits users to execute system commands.

CVSS Score
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Proof of Concept (PoC):

This document contains various server endpoints with HTTP methods and generated media types. These endpoints are related to the detection of document type, language, metadata, and text extraction from documents

alt text

CVE-2018-1335 is a security vulnerability related to Apache Tika versions 1.7 to 1.17. This vulnerability allows command injection attacks on servers running tika-server. This attack can occur if the tika-server is open to untrusted clients. Attackers can leverage specially crafted headers to inject commands into the command line of the server running tika-server

alt text alt text

Search results return an exploit module named “exploit/windows/http/apache_tika_jp2_jscript,” with details such as disclosure date (2018-04-25), rating (excellent), and description (“Apache Tika Header Command Injection”). This information indicates that the module can be used to test or exploit Apache Tika-related vulnerabilities, specifically through command header injection.

alt text

The highlighted section shows the “search exploit suggester” command which suggests that users search for potential exploits related to a particular vulnerability or software.

alt text

The text in the terminal shows various IP addresses followed by file paths and statuses such as “Potentially vulnerable,” “The target appears to be vulnerable,” and “Yes” or “No” indicating whether a particular exploit is available. applies.

alt text

PoC Video on Youtube:

Yupy Security

Impact:

Unauthorized System Access: Command injection vulnerabilities can allow an attacker to execute arbitrary commands on the host operating system. This could potentially lead to unauthorized system access.

References: