Application Security , Governance & Risk Management , Next-Generation Technologies & Secure Development

Patch Issued for Flaw in Sunhillo SureLine Surveillance App

Researchers at NCC Group Describe the Risks
Patch Issued for Flaw in Sunhillo SureLine Surveillance App

Researchers discovered an unauthenticated operating system command injection vulnerability in the Sunhillo SureLine surveillance application that allows an attacker to execute arbitrary commands with root privileges. The flaw has since been patched.

See Also: The Essential Guide to Container Monitoring

The vulnerability, tracked as CVE-2021-36380, allows a threat actor to establish an interactive channel, taking control of the target system and possibility complete system compromise, according to researchers at the security firm NCC Group.

"With the threat actor in full control of the device they could have caused a denial of service or utilized the device for persistence on the network," the researchers report.

The vulnerable version is SureLine: 8.7.0. Researchers from NCC Group recommend immediately updating to the patched version, Sunhillo SureLine version 8.7.0.1.1.

Sunhillo provides technology for the Federal Aviation Administration, U.S. military and civil aviation authorities worldwide.

A spokesperson for Sunhillo was not immediately available to comment.

OS Command Injection

The vulnerability directly incorporated user-controllable parameters within a shell command, which allowed an attacker to manipulate the resulting command by injecting valid OS command input, the researchers say.

"The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session. The script did appear to validate user input and blocked most techniques for OS command injection," says Liam Glanfield of NCC Group.

The vulnerability exists due to improper input validation in the "ipAddr" and "dnsAddr" parameters in the script, NCC Group reports. The researchers also found the creation of a reverse connection to an attacker’s host, leading to the establishment of a covert channel allowing an attacker to execute commands on the server.

NCC Group says it reported the flaw to Sunhillo on June 21, and the software firm released a patch July 22.


About the Author

Prajeet Nair

Prajeet Nair

Principal Correspondent

Nair is principal correspondent for Information Security Media Group's global news desk. He has previously worked at TechCircle, IDG, Times Group and other publications where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.