CVE-2018-1000533

Exploit

EPSS 92.43%
Veröffentlicht 26.06.2018 16:29:01
Zuletzt bearbeitet 21.11.2024 03:40:08
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gitlist ≫ Gitlist Version <= 0.6.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	92.43%	0.997

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://github.com/klaussilveira/gitlist/commit/87b8c26b023c3fc37f0796b14bb13710f397b322

Patch

Third Party Advisory

https://security.szurek.pl/exploit-bypass-php-escapeshellarg-escapeshellcmd.html

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2018-1000533

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-1000533

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-1000533

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-1000533