FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters.
State: PUBLISHED
CVE record format version: 5.2
FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test
Problem type
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Affected products
iWT Ltd.
FaceSentry Access Control System
6.4.8 build 264 - AFFECTED
5.7.2 build 568 - AFFECTED
5.7.0 build 539 - AFFECTED
References
ExploitDB-47064
https://www.exploit-db.com/exploits/47064
Official Product Homepage
http://www.iwt.com.hk
Zero Science Lab Disclosure (ZSL-2019-5523)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5523.php
GitHub Security Advisories
GHSA-8cmh-3qph-fccm
https://github.com/advisories/GHSA-8cmh-3qph-fccm
JSON source
https://cveawg.mitre.org/api/cve/CVE-2019-25243
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2019-25243",
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"dateUpdated": "2025-12-24T20:23:05.664Z",
"dateReserved": "2025-12-24T14:27:12.476Z",
"datePublished": "2025-12-24T19:27:58.965Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck",
"dateUpdated": "2025-12-24T19:27:58.965Z"
},
"datePublic": "2019-05-28T00:00:00.000Z",
"title": "FaceSentry 6.4.8 Authenticated Remote Command Injection via Ping Test",
"descriptions": [
{
"lang": "en",
"value": "FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters."
}
],
"affected": [
{
"vendor": "iWT Ltd.",
"product": "FaceSentry Access Control System",
"versions": [
{
"version": "6.4.8 build 264",
"status": "affected"
},
{
"version": "5.7.2 build 568",
"status": "affected"
},
{
"version": "5.7.0 build 539",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/47064",
"name": "ExploitDB-47064",
"tags": [
"exploit"
]
},
{
"url": "http://www.iwt.com.hk",
"name": "Official Product Homepage",
"tags": [
"product"
]
},
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5523.php",
"name": "Zero Science Lab Disclosure (ZSL-2019-5523)",
"tags": [
"third-party-advisory"
]
}
],
"metrics": [
{
"format": "CVSS"
},
{
"format": "CVSS",
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
}
],
"credits": [
{
"lang": "en",
"value": "LiquidWorm as Gjoko Krstic of Zero Science Lab",
"type": "finder"
}
]
},
"adp": [
{
"providerMetadata": {
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP",
"dateUpdated": "2025-12-24T20:23:05.664Z"
},
"title": "CISA ADP Vulnrichment",
"references": [
{
"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5523.php",
"tags": [
"exploit"
]
}
],
"metrics": [
{}
]
}
]
}
}