Researcher releases FireEye local file disclosure zero-day

FireEye, a US-based network security company that provides protection against cyber threats now needs protection for their own appliance.

Security researcher Kristian Erik Hermansen has discovered a zero-day in FireEye appliance. The vulnerability is in PHP based platform that allows an attacker to access files of a web server. The most interesting thing which Erik noted is the web server runs as root user (for those who don’t know what is a root user, the root user is equivalent to Administrator user of Windows). The exploit is publicly available at exploit-db, a site by Offensive Security which lists the exploit.

On checking his Twitter account, I noticed that he is selling more FireEye zero-day exploits which include “Unauthenticated Command Injection remote root 0day at module, Authenticated (user login required) Command Injection remote root 0day at module and Login Bypass 0day at module”. He is also selling IBM / AIX local privilege escalation 0day.