Shiguangwu sgwbox N3 is a web server component used in some Docker environments. It's an unknown function in the /usr/sbin/http_eshell_server file that allows command injection when manipulating the argument params. This vulnerability can be exploited remotely with low complexity, making it accessible to script kiddies.
You're affected if you use Shiguangwu sgwbox N3 version 2.0.25 or earlier. To check if your instance is vulnerable, run ls /usr/sbin/http_eshell_server (Note: This command may not work on all systems).
This is Shiguangwu sgwbox N3, NOT Docker or any other containerization software.
Upgrade to Shiguangwu sgwbox N3 version 2.0.26 or later from the vendor's website.
- Immediate mitigations:
- Restrict network access to your Shiguangwu sgwbox N3 instance (firewall it from the public internet)
- Audit server logs for suspicious command injection attempts