The 2018 Pwnie Nominee For Best Client-Side Bug

DynoRoot

DynoRoot!!!1111 (CVE-2018-1111)

Credit: Felix Wilhelm (@_fel1x)

Yo dawg! I heard that you like clients, so I made your server a client too so that it can be vulnerable to client-side vulnerabilities.

DynoRoot is a shell command injection vulnerability in Red Hat’s DHCP client scripts in RHEL 6 and 7. It’s Redonkulously Simple (TM) to exploit once you’re already on the same subnet as the target server. At which point, you have already pretty much won, haven’t you?