Security researcher Ebrahim Hegazy has identified a remote command execution vulnerability in a Yahoo server. Yahoo has addressed the security hole.
According to the expert, he initially found a remote PHP code injection flaw. However, he managed to escalate it to a remote code execution vulnerability.
The issue was identified on tw.user.mall.yahoo.com, but Hegazy says that the underlying server hosts several other subdomains as well.
The security hole was reported to Yahoo on January 20, and it was fixed the next day. Yahoo representatives have told the researcher that they’re trying to determine if his findings are covered by the new bug bounty program.
Additional technical details on the vulnerability are available on Hegazy’s blog. You can also check out the proof-of-concept video published by the expert.