CVE-2018-7886 : CloudMe Sync 1.11.0 – Local Buffer Overflow
CVE-2018-7886 was discovered by ICSS team member Prasenjit Kanti Paul, who is the Co-Founder of Indian Cyber Security Solutions. The exploit was published on Exploit DB on 16-04-2018. It’s an achievement for Indian Cyber Security Solutions. The exploit details are as follows:
Exploit Title: Local Buffer Overflow on CloudMe Sync v1.11.0
Author: Prasenjit Kanti Paul
The previous version, CloudMe Sync 1.10.9, has an RCE vulnerability [CVE-2018-6892] on TCP port 8888, which can be accessed remotely. Any unauthenticated remote user could therefore cause a buffer overflow on port 8888 and execute arbitrary code on the victim’s system.
To prevent the RCE in CloudMe Sync 1.10.9, CloudMe Sync 1.11.0 restricts TCP port 8888 to local use (127.0.0.1), so only localhost can use this port. This exploit is therefore a local exploit.
This vulnerability exists because of an incomplete fix for CVE-2018-6892.
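To audit how port 8888 is bound on a host, the listener's local address can be classified from `netstat -ano` output. The following is an added example, not part of the original advisory or of CloudMe's code; the sample rows, addresses, PIDs and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample shaped like Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       716
  TCP    127.0.0.1:8888         0.0.0.0:0              LISTENING       2404
  TCP    192.168.56.10:8888     0.0.0.0:0              LISTENING       3120
  TCP    127.0.0.1:49170        127.0.0.1:8888         ESTABLISHED     1888
  TCP    [::]:8888              [::]:0                 LISTENING       3300
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def classify_listeners(netstat_text, port=8888):
    """Return [(address, pid, exposure)] for each LISTENING socket on `port`."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Keep only TCP rows in LISTENING state; this also drops the header row.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        try:
            addr, local_port = split_endpoint(fields[1])
        except ValueError:
            continue  # malformed or unparsable address
        if local_port != port:
            continue
        if addr.is_loopback:
            exposure = "local-only"      # still reachable by any local process
        elif addr.is_unspecified:
            exposure = "all-interfaces"  # 0.0.0.0 or [::], reachable remotely
        else:
            exposure = "network"         # bound to one routable interface
        findings.append((str(addr), int(fields[4]), exposure))
    return findings

if __name__ == "__main__":
    for address, pid, exposure in classify_listeners(SAMPLE_NETSTAT):
        print(f"port 8888 on {address} (PID {pid}): {exposure}")
```

A `local-only` result matches the 1.11.0 behaviour described above: remote access is closed off, but the port remains reachable from the host itself, so the install still needs a version in which the overflow is fixed.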
Proof Of Concept
Run this file on the victim’s Windows 7 SP1 x86 system where CloudMe Sync 1.11.0 has been installed.
After running this PoC on the victim’s system, the attacker’s system got the shell.