[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FD] Zepl Notebook - Remote Code Execution
- To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
- Subject: [FD] Zepl Notebook - Remote Code Execution
- From: <ghost@xxxxxxxxxxxxxx>
- Date: Wed, 16 Feb 2022 20:42:42 -0700
Exploit Title: Zepl Notebook - Remote Code Execution
Date: 9/28/2021
Vendor Homepage: https://zepl.com/
Software Link: https://app.zepl.com/
Version: All previous versions of product to the date of this submission
Tested on: The issue affects all versions of the product up to the date of this
submission
Exploit Authors: Josh Sheppard & Pathfynder Inc
Exploit Contact: ghost a t undervurse dot_com & josh a t pathfynder dot_io
Exploit Technique: Remote
CVE ID: CVE-2021-42950
1. Description
A remote code execution vulnerability has been discovered in Zepl's Notebooks
product. Users can register for an account and are allocated a set number of
credits to try the product. Once users authenticate, they can proceed to create
a new organization by which additional users can be added for various
collaboration abilities. Once this has been established, users can then create
new Zepl Notebooks with various languages, contexts and deployment scenarios.
Upon creating a new notebook with specially crafted malicious code, a user can
then launch remote code execution.
This vulnerability effects all previous versions of their Notebook product
suite.
2. Disclosure Timeline
9/28/21 - Discovery and Exploitation
9/28/21 - Vendor Notified
2/16/22 - CVE Assignment
2/17/22 - Public Disclosure
3. Mitigation
Hotfix applied to vendors SAAS solution, no action is necessary at this time.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/