NIOS is vulnerable to CVE-2023-37249

August 2, 2023 • Knowledge

Overview and Impact:

Currently supported Infoblox NIOS versions through 8.5.2 contain a component that accepts input without sanitization, allowing an attacker to obtain shell access. Because an input field is not properly validated, it can be used for remote code execution (RCE). An attacker must first have access to an authenticated feature of the NIOS UI in order to submit the malicious input and reach the shell.

Affected Versions:

NIOS 8.5.2 and prior

Resolution:

The fix for this issue is included in NIOS 8.5.3 and later releases. A hotfix identified as NIOS-93969 is available for NIOS 8.5.2 and is attached to this article. Additionally, this issue was resolved in the hotfix for CVE-2023-2828.
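To triage an NIOS inventory against the version and hotfix statements above, the following helper (an added example, not Infoblox code) compares a reported version with the fixed release and accounts for the NIOS-93969 hotfix. It assumes that version strings are dotted numerics optionally followed by a build suffix, and, since the advisory does not say which releases the CVE-2023-2828 hotfix targets, treats that hotfix as resolving the issue on whichever appliance reports it installed.

```python
from typing import Iterable, Tuple

# Facts taken from the advisory text
FIXED_IN = (8, 5, 3)          # first release that carries the fix
HOTFIX_TARGET = (8, 5, 2)     # NIOS-93969 is offered for 8.5.2 only
HOTFIX_ID = "NIOS-93969"


def parse_version(ver: str) -> Tuple[int, ...]:
    """Turn '8.5.2' or '8.5.2-12345' (constructed build suffix) into a
    comparable tuple, padding short strings so '8.5' reads as 8.5.0."""
    core = ver.strip().split("-")[0]
    parts = tuple(int(p) for p in core.split(".") if p)
    if len(parts) < 3:
        parts = parts + (0,) * (3 - len(parts))
    return parts


def is_affected(version: str,
                hotfixes: Iterable[str] = (),
                cve_2023_2828_hotfix: bool = False) -> bool:
    """Return True when an appliance still needs remediation for CVE-2023-37249.

    hotfixes: hotfix identifiers reported as installed on the appliance.
    cve_2023_2828_hotfix: whether the separate CVE-2023-2828 hotfix is installed
    (assumption: it resolves this issue on the release it was applied to).
    """
    v = parse_version(version)[:3]
    if v >= FIXED_IN:
        return False                      # 8.5.3 and later carry the fix
    if v == HOTFIX_TARGET and HOTFIX_ID in set(hotfixes):
        return False                      # 8.5.2 with NIOS-93969 applied
    if cve_2023_2828_hotfix:
        return False                      # covered by the CVE-2023-2828 hotfix
    return True                           # 8.5.2 and prior without a hotfix


if __name__ == "__main__":
    # Constructed inventory sample: (hostname, version, installed hotfixes)
    inventory = [
        ("grid-master", "8.5.2", {"NIOS-93969"}),
        ("dns-member-1", "8.5.2", set()),
        ("dns-member-2", "8.4.4", set()),
        ("lab-appliance", "8.6.1", set()),
    ]
    for host, ver, fixes in inventory:
        state = "AFFECTED" if is_affected(ver, fixes) else "ok"
        print(f"{host:14} {ver:8} {state}")
```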

The vulnerability was identified thanks to the efforts of Sean Morland of NCC Group.
