Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

PHP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PHP code

OS commands should not be vulnerable to argument injection attacks

intentionality - complete

security

Vulnerability

Why is this an issue?

How can I fix it?

More Info

OS command argument injections occur when applications allow the execution of operating system commands from untrusted data but the untrusted data is limited to the arguments.
It is not possible to directly inject arbitrary commands that compromise the underlying operating system, but the behavior of the executed command still might be influenced in a way that allows to expand access, for example, execution of arbitrary commands. The security of the application depends on the behavior of the application that is executed.

What is the potential impact?

An attacker exploiting an arguments injection vulnerability will be able to add arbitrary argument to a system binary call. Depending on the command the parameters are added to, this might lead to arbitrary command execution.

The impact depends on the access control measures taken on the target system OS. In the worst-case scenario, the process runs with root privileges, and therefore any OS commands or programs may be affected.

Below are some real-world scenarios that illustrate some impacts of an attacker exploiting the vulnerability.

Denial of service and data leaks

In this scenario, the attack aims to disrupt the organization’s activities and profit from data leaks.

An attacker could, for example:

download the internal server’s data, most likely to sell it
modify data, send malware
stop services or exhaust resources (with fork bombs for example)

This threat is particularly insidious if the attacked organization does not maintain a disaster recovery plan (DRP).

Root privilege escalation and pivot

In this scenario, the attacker can do everything described in the previous section. The difference is that the attacker also manages to elevate their privileges to an administrative level and attacks other servers.

Here, the impact depends on how much the target company focuses on its Defense In Depth. For example, the entire infrastructure can be compromised by a combination of OS injections and misconfiguration of:

Docker or Kubernetes clusters
cloud services
network firewalls and routing
OS access control

Available In:

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.2

In-IDE

SaaS

Self-Hosted