A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account.
References
Link | Resource |
---|---|
https://blog.vyos.io/the-operator-level-is-proved-insecure-and-will-be-removed-in-the-next-releases | Exploit Vendor Advisory |
https://blog.vyos.io/the-operator-level-is-proved-insecure-and-will-be-removed-in-the-next-releases | Exploit Vendor Advisory |
Configurations
History
21 Nov 2024, 03:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.vyos.io/the-operator-level-is-proved-insecure-and-will-be-removed-in-the-next-releases - Exploit, Vendor Advisory |
Information
Published : 2018-12-17 19:29
Updated : 2024-11-21 03:56
NVD link : CVE-2018-18555
Mitre link : CVE-2018-18555
CVE.ORG link : CVE-2018-18555
JSON object : View
Products Affected
vyos
- vyos
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')