The LANDesk web application does not sufficiently verify if a well-formed request was created by the user whose browser submitted the request. Using this flaw an external remote attacker can use a Cross-site Request Forgery attack via a user with a LANDesk session to run arbitrary code using the gsbadmin user (that is the user running the web-server), the gsbadmin user has sudo privileges. Looking at /etc/sudoers, you can see that the attacker can also take down the firewall (injecting: ; sudo /subin/firewall stop into DRIVES) and load arbitrary kernel modules (injecting ; sudo /subin/modprobe /tmp/a_module), effectively taking complete control of the server. In order to be able to successfully make the attack, the administrator must be logged in to the appliance with the browser that the attacker uses to make the attack (for instance, exploiting a XSS in a different tab in the browser).
CVE Link
Exploit Platform
Exploit Type
Product Name