9

CVE-2020-11060

Remote Code Execution in GLPI

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account having Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Glpi-projectGlpi Version < 9.4.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.95% 0.953
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 9 8 10
AV:N/AC:L/Au:S/C:C/I:C/A:C
security-advisories@github.com 7.4 3.1 3.7
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
CWE-352 Cross-Site Request Forgery (CSRF)

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

http://packetstormsecurity.com/files/163119/GLPI-9.4.5-Remote-Code-Execution.html
Third Party Advisory
VDB Entry
https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
Patch
Third Party Advisory
https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f
Patch
Third Party Advisory