« Home

GNUBoard5 RCE & MySQL Credential Leak
bughuntingpentestKVEwriteupgnuboard

Posted by stypr on 2019-01-17

GNUBoard is the most popular BBS board in South Korea.

I received $500 for RCE on Windows and $50 for MySQL password leak.

Video (Click to view)

Crypto

IMAGE ALT TEXT

RCE

IMAGE ALT TEXT

PoC

Crypto Exploit PoC: https://gist.github.com/stypr/d6f69048e7a1098d9228bc3deccff465

RCE Exploit PoC: https://gist.github.com/stypr/c95d98f4a2ff754abe9dc50aac082916

Fix

Issues have been fixed by the vendor.

https://github.com/gnuboard/gnuboard5/commit/c03fec73b9aeb6571271f4141788e614cc3f6e82

RCE Assigned KVE-2018-0441,0449 Crypto Assigned KVE-2018-0510

  • KVE is Korean-version of CVE