Maarch Courrier 21.03, 2nd order cmd injection to RCE
Jul 16, 2023
This article discusses a critical remote code execution (RCE) vulnerability in the Maarch Courrier software, an electronic correspondence and document management system. The vulnerability, found during a white-box code review session, allows an attacker who already holds administrator access to execute arbitrary commands on the server. The exploit relies on command injection through improperly sanitized user input in the software's administration settings. A detailed analysis, including a proof of concept and the method of exploitation through the software's REST API, is provided.