What is it
A command injection vulnerability is one that allows arbitrary command execution. Some related vulnerabilities and attacks include Code injection, blind SQL injection, blind XPath injection, LDAP injection, path traversal vulnerabilities etc.
How serious is it
Command injection vulnerabilities are very serious because it means one can run any command under the current security context resulting in possible system compromise and/or data leak.
The impact of command injection may result in
- Adding a new user
- Transferring data from the current system
- Starting / stopping a system service
- Installing a malicious software like keyloggers, virus, Trojan, worm, etc.
- Gaining access to data contained in your system (loss of Confidentiality)
- Possible loss of data (loss of Availability)
The amount of data an attacker can retrieve depends on multiple factors like his creative skills, system design and vulnerabilities in the system’s implementation.
How to prevent
Use safe APIs to filter command injection. This refers to using APIs (Application Programming Interfaces) that could handle / parse commands so that command injection can be avoided. One example could be using Runtime.exec (in Java).
Implement Secure Software Development Lifecycle (SSDLC)
Secure Coding guidelines although critical form ONLY a piece of the puzzle. In order to ensure that applications are secure, security need to be bolted right from the requirements stage and should extrapolate across every other stage be it Design, Coding, Review, Testing, Release or implementation.