CVE-2023-30856

eDEX-UI cross-site websocket hijacking vulnerability enables remote command execution

CVSS 8.3 HIGH · EPSS 0.3% · CWE-1385 · CWE-346
In short

eDEX-UI, a terminal emulator, has a flaw that lets malicious websites connect to its internal control system and run harmful commands on your computer while you browse the web. This is serious because it can give attackers direct access to your system.

Technical detail

Cross-site WebSocket hijacking vulnerability in eDEX-UI versions ≤2.2.8 allows unauthenticated remote command execution via a malicious website that establishes a connection to the unprotected internal WebSocket endpoint. The vulnerability requires a victim to visit the attacker's site while eDEX-UI is running, exploiting insufficient CORS/origin validation on the WebSocket handler.

Summary generated and translated by AI from the official description.
eDEX-UI is a science fiction terminal emulator. Versions 2.2.8 and prior are vulnerable to cross-site websocket hijacking. When running eDEX-UI and browsing the web, a malicious website can connect to eDEX's internal terminal control websocket, and send arbitrary commands to the shell. The project has been archived since 2021, and as of the time of publication there are no plans to patch this issue and release a new version. Some workarounds are available, including shutting down eDEX-UI when browsing the web and ensuring the eDEX terminal runs with the lowest possible privileges.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Affected products
GitSquared · edex-ui
