# Exploit Title: Arbitrary Code Execution in Openfiler # Exploit author: Dolev Farhi @f1nhack # Date 07/05/2014 # Vendor homepage: http://www.openfiler.com # Affected Software version: 2.99.1 # Alerted vendor: 7.5.14 Software Description ===================== Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based Storage Area Networking functionality in a single cohesive framework. Vulnerability Description ========================= Arbitrary code execution Steps to reproduce / PoC: ========================= 1.1. Login to Openfiler dashboard. 1.2. Under system tab -> Hostname 1.3. Enter any shell command you desire using the backticks ` ` e.g. `cat /etc/passwd` 1.4. the code reflects in the hostname value space <-> PoC Video: https://www.youtube.com/watch?v=NzjB9U_0yLE&feature=youtu.be