July 19, 201510 yr I think i've found a way for an unauthenticated user execute any arbitrary code as root (including modifying system files, change or reset permissions etc.). Is this the correct place to detail this? Does limetech have a bug bounty program?
July 19, 201510 yr I think i've found a way for an unauthenticated user execute any arbitrary code as root (including modifying system files, change or reset permissions etc.). Is this the correct place to detail this? Does limetech have a bug bounty program? Yes we have a 'todo' item to close this loophole (if it's what I think you found). Please send me an email: [email protected] We don't have a 'bounty' system in place but we have talked about implementing this for features - if we did it for bugs we'd probably go broke in a week
September 1, 201510 yr I think i've found a way for an unauthenticated user execute any arbitrary code as root (including modifying system files, change or reset permissions etc.). Is this the correct place to detail this? Does limetech have a bug bounty program? Yes we have a 'todo' item to close this loophole (if it's what I think you found). Please send me an email: [email protected] We don't have a 'bounty' system in place but we have talked about implementing this for features - if we did it for bugs we'd probably go broke in a week So has this been closed then Tom?
September 2, 201510 yr Are we going to disclose the details of this? Thats the typical conclusion to this type of report.
September 2, 201510 yr One could simply issue a http post or http get to emhttp and execute arbitrary code. If you look at the thread Important Update for Plugin Authors for Unraid 6.1 it contains the details needed. I think it was in the Update page. The solution was to go with a jailed-like environment so only commands under emhttp root are able to be executed.
Archived
This topic is now archived and is closed to further replies.