漏洞标题
N/A
漏洞描述信息
在Microvirt MEmu的所有版本中(包括7.0.2之前的版本),发现了一个问题。在MEmu模拟器中,一个 guest Android 操作系统包含一个/system/bin/systemd 二进制文件,在启动时以root权限运行(这与Red Hat的systemd init程序无关,这是一款由Microvirt开发的 closed-source proprietary工具)。此程序打开了TCP端口21509,可能是为了从主操作系统接收安装相关的命令。由于安装命令后面的所有内容都会直接拼接到系统调用中,因此可以通过提供shell字符集来执行任意命令。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-source proprietary tool that seems to be developed by Microvirt). This program opens TCP port 21509, presumably to receive installation-related commands from the host OS. Because everything after the installer:uninstall command is concatenated directly into a system() call, it is possible to execute arbitrary commands by supplying shell metacharacters.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Microvirt MEmu 操作系统命令注入漏洞
漏洞描述信息
Microvirt MEmu是一款Android模拟器。 Microvirt MEmu 7.0.2之前版本中存在操作系统命令注入漏洞。攻击者可借助shell元字符利用该漏洞执行任意命令。
CVSS信息
N/A
漏洞类别
授权问题