Remote Code Execution (RCE)
Summary
RCE refers to execution of arbitrary code on the server via user input, allowing remote control over it.
Description
A Remote Code Execution (RCE) vulnerability allows an attacker to run arbitrary code on the server. This issue typically occurs when user input is not properly sanitized and is used in a context that allows code execution. By executing arbitrary code on the application's server, an attacker might gain unrestricted access to the host operating system the server runs on, access the entries in the connected databases, rewrite the application code to steal users' passwords or data, and use the server as an entry point to spread across the internal network.
Remediations
- If possible, completely remove the component causing the remote code execution vulnerability.
- Sanitize all user input to ensure that it does not contain executable code.
- Define an allow-list of the outbound public IP addresses the application's server may interact with, limited to the addresses required for the system's business functionality.
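The sanitization remediation, as an added example that is not code from this page: user input reaching a shell command line, beside a hardened form that validates against a strict allow-list pattern and passes an argument vector with no shell. The hostname-lookup feature, the function names and the sample input are assumptions constructed for illustration.

```python
import re
import shlex
import subprocess

# Hypothetical feature: the application resolves a user-supplied hostname.
# Allow-list pattern: dot-separated labels of letters, digits and inner hyphens only.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(r"(?=.{1,253}\Z)" + LABEL + r"(?:\." + LABEL + r")*\Z")


def unsafe_command(host: str) -> str:
    """Vulnerable pattern: input concatenated into a string meant for a shell."""
    return "nslookup " + host  # would be passed to os.system() or shell=True


def shell_tokens(cmdline: str) -> list:
    """Approximate how a POSIX shell tokenizes cmdline, keeping control operators."""
    lexer = shlex.shlex(cmdline, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def safe_argv(host: str) -> list:
    """Hardened pattern: reject anything outside the allow-list, then build argv."""
    if not HOSTNAME_RE.match(host):
        raise ValueError("rejected hostname: %r" % host)
    return ["nslookup", host]  # a list is never re-parsed by a shell


def lookup(host: str) -> str:
    """Run the lookup without a shell; metacharacters never reach an interpreter."""
    result = subprocess.run(safe_argv(host), capture_output=True, text=True,
                            timeout=5, check=False)
    return result.stdout


if __name__ == "__main__":
    constructed_input = "example.com; echo INJECTED"  # constructed sample value
    # The shell would see a ';' operator followed by a second command.
    print(shell_tokens(unsafe_command(constructed_input)))
    try:
        safe_argv(constructed_input)
    except ValueError as err:
        print(err)
```

Validation alone is not the whole fix: the argument vector is what keeps a value that passes the pattern from ever being interpreted as code.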
Anatomy
Usually follows
- SQL Injection
- XML External Entities (XXE)
- Authentication Bypass
- Insecure Deserialization
- Local or Remote File Inclusion or Read
- Unrestricted File Upload
- Server Side Request Forgery (SSRF)
- Server Side Template Injection (SSTI)
Affected components
- Server
- Sensitive Information