Impact
When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to the shell.
Patches
The project has been archived for 2+ years, and at the moment there are no plans to patch this issue and release a new version.
Workarounds
- Shutting down eDEX-UI when browsing the web
- Ensuring the eDEX terminal runs with lowest possible privileges helps mitigating potential risks
References
More context about the root cause of this issue can be found here:
https://christian-schneider.net/CrossSiteWebSocketHijacking.html
The vulnerable code can be examined here:
|
this.wss.on("connection", ws => { |
aufzayed Reporter
Impact
When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to the shell.
Patches
The project has been archived for 2+ years, and at the moment there are no plans to patch this issue and release a new version.
Workarounds
References
More context about the root cause of this issue can be found here:
https://christian-schneider.net/CrossSiteWebSocketHijacking.html
The vulnerable code can be examined here:
edex-ui/src/classes/terminal.class.js
Line 458 in 04a00c4