medium

Google Cloud Shell command injection

Published Wed, Aug 10th, 2022

Platforms

Summary

A vulnerability was discovered in Cloud Shell that enabled command injection and remote shell access. By manipulating the "project" parameter, an attacker could have cause an unencoded Python script execution flaw. Exploiting this flaw, they could inject a command to display the contents of the "/etc/passwd" file, successfully execute arbitrary commands and obtain remote shell access. However, the impact of this is unclear, as an attacker would seemingly only be able to gain such a remote shell on their own instance.

Affected Services

Google Cloud Shell

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://bugra.ninja/posts/cloudshell-command-injection/

Contributed by https://github.com/mer-b

Disclosure Date

Fri, Jan 28th, 2022

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

Bugra Eskici

More vulnerabilities...

low

S3 Replication only logs first destination bucket

If a malicious actor with prior access to an AWS environment has permission to modify the S3 Replication Service role access policy, they could abuse cross-account replication to exfiltrate stolen ...

Kat Traxler

Wed, Jul 20th, 2022

medium

Dependency confusion in AWS CodeArtifact

AWS CodeArtifact was susceptible to dependency confusion / substitution (i.e, publication of a malicious package to a public repository with the same name as an organization’s internal package). AW...

Ignacio Dominguez, Zego

Thu, Jul 14th, 2022

low

Microsoft Azure Site Recovery DLL hijacking

The Microsoft Azure Site Recovery suite contained a DLL hijacking flaw that allowed for privilege escalation from any low privileged user to SYSTEM on hosts where this service was installed. Incorr...

James Sebree, Tenable

Tue, Jul 12th, 2022

View all