Vulnerability — CVE-2018-18556

CVE-2018-18556

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2018-18556
Description:: A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions and leverage its improper input validation condition to spawn an attacker-controlled shell with root privileges.
Last updated date:: 01/20/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/21/2020
Reference url to background: https://blog.mirch.io/2018/11/05/cve-2018-18556-vyos-privilege-escalation-via-sudo-pppd-for-operator-users/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/21/2020
Reference url to background: https://blog.vyos.io/the-operator-level-is-proved-insecure-and-will-be-removed-in-the-next-releases

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/27/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/ssh/vyos_restricted_shell_privesc.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 01/20/2023
Reference url to background: http://packetstormsecurity.com/files/159234/VyOS-restricted-shell-Escape-Privilege-Escalation.html