medium

Google Cloud Shell command injection

Published Wed, Aug 10th, 2022

Platforms

Summary

A vulnerability was discovered in Cloud Shell that enabled command injection and remote shell access. By manipulating the "project" parameter, an attacker could have cause an unencoded Python script execution flaw. Exploiting this flaw, they could inject a command to display the contents of the "/etc/passwd" file, successfully execute arbitrary commands and obtain remote shell access. However, the impact of this is unclear, as an attacker would seemingly only be able to gain such a remote shell on their own instance.

Affected Services

Google Cloud Shell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://bugra.ninja/posts/cloudshell-command-injection/

Contributed by https://github.com/mer-b

Entry Status

Finalized

Disclosure Date

Fri, Jan 28th, 2022

Exploitability Period

Known ITW Exploitation

Detection Methods

None

Piercing Index Rating

Discovered by

Bugra Eskici

More vulnerabilities...

low

S3 Replication only logs first destination bucket

If a malicious actor with prior access to an AWS environment has permission to modify the S3 Replication Service role access policy, they could abuse cross-account replication to exfiltrate stolen ...

Kat TraxlerJul 20, 2022

high

Persistence Vulnerability in GCP Cloud Workstations

A critical security flaw in Google Cloud Platform's Cloud Workstations allows unauthorized access and privilege escalation. The vulnerability stems from persistent session management, enabling user...

Saransh Rana, CREDJul 16, 2022

medium

Dependency confusion in AWS CodeArtifact

AWS CodeArtifact was susceptible to dependency confusion / substitution (i.e, publication of a malicious package to a public repository with the same name as an organization’s internal package). AW...

Ignacio Dominguez, ZegoJul 14, 2022

View all