{"id":34722,"date":"2020-05-01T05:03:09","date_gmt":"2020-05-01T05:03:09","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/"},"modified":"2020-05-01T05:03:09","modified_gmt":"2020-05-01T05:03:09","slug":"whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/","title":{"rendered":"What’s worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there’s no patch?"},"content":{"rendered":"

Netsweeper’s internet filter has a nasty security vulnerability that can be exploited to hijack the host server and tamper with lists of blocked websites. There are no known fixes right now.<\/p>\n

For those unfamiliar, Netsweeper makes software that monitors and blocks connections to undesirable websites and servers. It’s aimed at parents, schools, government offices, and companies. It has a lot of customers in the Middle East, where it’s used to prevent access to content not meant for the local populace, according to<\/a> investigative Canadian non-profit Citizen Lab.<\/p>\n

The flaw, yet to be given a CVE number, was discovered by an anonymous researcher, and documented<\/a> this week by SecuriTeam Secure Disclosure team leader Noam Rathaus. The bug is present in the web-based Netsweeper administration tool versions 6.4.3 and earlier. It doesn’t require any authentication to exploit: if you can reach the software over the local network or public internet, you can compromise it.<\/p>\n

What Rathaus’s source found was that the control panel’s login script, \/webadmin\/tools\/unixlogin.php<\/code>, fails to fully sanitize user-supplied data, allowing miscreants to commandeer the machine. The login script accepts three parameters: timeout<\/code>, login<\/code>, and password<\/code>. If you set the HTTP request referer header to a specific string, such as webadmin\/admin\/service_manager_data.php<\/code>, the login script will execute a shell script that ultimately uses the password<\/code> parameter unsafely in a Python invocation.<\/p>\n

The second parameter, $2<\/code>, below is derived from the original user-supplied password<\/code>, in this line in the wonky shell script:<\/p>\n

\npassword=$($PYTHON -c \"import crypt; print crypt.crypt('$2','\\$$algo\\$$salt\\$')\")\n<\/pre>\n
If you supply a password that causes $2<\/code> to contain, for example…<\/p>\n
\n($P>YTHON -c \"import crypt; print crypt.crypt('g','');import os;os.system('id >\/tmp\/pwnd')#','\\$$algo\\$$salt\\$')\")\n<\/pre>\n
…you inject and execute a command that stores the Netsweeper software’s user ID to the file \/tmp\/pwnd<\/code>. It’s left as an exercise for the reader to turn this remote-code execution into something malicious.<\/p>\n
Rathaus told The Register<\/em> that, in the worst case scenario, a hacker could exploit the bug to not only take over the host server, but also manipulate how users have their content filtered and delivered by Netsweeper.<\/p>\n
“[You can] control what data they receive when they access sites and download files,” he said. “This is the worst part \u2013 as they can be made to unintentionally download malware and viruses.”<\/p>\n
\"Injecting<\/p>\n
Dear Adobe, Trend Micro users: Please vaccinate your software \u2013 at least some of these security holes were exploited in the wild<\/h2>\n
READ MORE<\/span><\/a><\/div>\n
Interestingly, Netsweeper doesn’t seem too bothered by any of this. Neither Rathaus nor The Register<\/em> were able to get any response from the vendor despite multiple attempts to contact the Canadian biz.<\/p>\n
“We have decided after almost three weeks of trying and getting no response (via emails to support, sales and via Twitter) we decided that the best course of action at the moment is to release a full advisory,” Rathaus said<\/a> of the decision to go public despite no help from the vendor.<\/p>\n
“Hopefully this can reach the right person that can get them to patch it.”<\/p>\n
In the meantime, Rathaus is advising admins to try as best they can to cut off any remote access to the administration tool: make sure it’s behind a firewall, at least, and away from rogue internal users. \u00ae<\/p>\n
Sponsored:<\/span> Practical tips for Office 365 tenant-to-tenant migration<\/a><\/p>\n
READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Bug can be exploited to hijack server, meddle with block lists Netsweeper’s internet filter has a nasty security vulnerability that can be exploited to hijack the host server and tamper with lists of blocked websites. There are no known fixes right now.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":34723,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-34722","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nWhat's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-01T05:03:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"What’s worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there’s no patch?\",\"datePublished\":\"2020-05-01T05:03:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/\"},\"wordCount\":543,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/\",\"name\":\"What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg\",\"datePublished\":\"2020-05-01T05:03:09+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What’s worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there’s no patch?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/","og_locale":"en_US","og_type":"article","og_title":"What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-05-01T05:03:09+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"What’s worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there’s no patch?","datePublished":"2020-05-01T05:03:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/"},"wordCount":543,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/","url":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/","name":"What's worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there's no patch? 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg","datePublished":"2020-05-01T05:03:09+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/whats-worse-than-an-annoying-internet-filter-how-about-one-with-a-pre-auth-remote-command-execution-hole-and-theres-no-patch\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"What’s worse than an annoying internet filter? How about one with a pre-auth remote-command execution hole and there’s no patch?"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34722","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34722"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34722\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34723"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34722"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34722"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34722"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}