NCR Command Center Agent Command Injection Vulnerability
漏洞信息
漏洞名称: NCR Command Center Agent Command Injection Vulnerability
漏洞编号:
- CVE: CVE-2021-3122
漏洞类型: 命令执行
漏洞等级: 严重
漏洞描述: ### 受影响产品
NCR Command Center Agent是一款由NCR公司开发的中心化管理工具,广泛用于零售、金融等行业,以实现对分布式系统的集中监控和管理。该产品的16.3版本存在一个严重的安全漏洞,允许未经认证的攻击者通过特定的配置错误执行任意命令。
漏洞说明
此漏洞属于命令执行类型,其技术根源在于NCR Command Center Agent在处理发送到8089端口的XML文档时,未对runCommand参数进行充分的验证和过滤。攻击者可以构造恶意的XML文档,通过该参数注入并执行任意系统命令,且这些命令将以SYSTEM权限运行,从而完全控制系统。
影响分析
此漏洞的影响极为严重,因为它允许未经认证的攻击者在特定配置下远程执行任意命令,可能导致数据泄露、服务中断甚至整个系统被接管。由于攻击者无需认证即可利用此漏洞,且可以自动化攻击过程,因此风险极高。企业应立即检查是否使用了受影响版本的NCR Command Center Agent,并尽快应用补丁或采取其他缓解措施以防止潜在的攻击。
产品厂商: NCR
产品名称: Command Center Agent
影响版本: 16.3
来源: https://github.com/projectdiscovery/nuclei-templates/issues/12763
类型: projectdiscovery/nuclei-templates:github issues
来源概述
Description:
NCR Command Center Agent 16.3 contains a remote command execution caused by accepting a runCommand parameter in XML documents sent to port 8089, letting unauthenticated attackers execute arbitrary commands as SYSTEM, exploit requires specific misconfiguration.
Severity: Critical
POC:
KEV: True
Shodan Query: NA
Acceptance Criteria: The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data(
-debug) along with the template to help the triage team with validation or can also share a vulnerable environment like docker file.
Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted. Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.
You can check the FAQ for the Nuclei Templates Community Rewards Program here.