Two vulnerabilities was discovered in ProlinOS

Two critical vulnerabilities discovered in ProlinOS could allow attackers to gain root access.

Sunday, November 1, 2020, 20:16 GMT

The First issue:

Vulnerability using 2.4.161.8859R, a concern was found in ProlinOS. By manipulating the setuid installation of the xtables-multi binary and using the ip6tables modprobe switch, a similar problem to CVE-2019-11360.0, an attacker with local code execution privileges as a regular user (MAINAPP) will escalate to root privilege.

The second vulnerability:

In ProlinOS, by 2.4.161.8859R, an unsigned-library problem was noticed. This OS includes installed programs and all device binaries to be signed by either the manufacturer or the creator and seller of the Point Of Sale program. The signature is a 2048-byte RSA signature checked before ELF execution in the kernel. However, shared libraries do not have to be registered, and are not checked. By compiling it as a shared object and loading it using LD PRELOAD, an attacker can execute a custom binary.

Solution:

Update/Upgrade to any version higher than 2.4.161.8859R.

CVEs

  1. Arbitrary read/write – CVE-2020-28044
  2. ELF signature bypass – CVE-2020-28045
  3. Root privesc – CVE-2020-28046

References:

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28045

Suggested for you:

TP-Link AC750 WiFi Extender (RE220), Covers Up to 1200 Sq.ft and 20 Devices, Up to 750Mbps Dual Band WiFi Range Extender, WiFi Booster to Extend Range of WiFi Internet Connection