CVE-2022-1386

Exploit

EPSS 71.72%
Veröffentlicht 16.05.2022 15:15:09
Zuletzt bearbeitet 21.11.2024 06:40:37
Quelle contact@wpscan.com
CVE-Watchlists
Login
Unerledigt
Login

Fusion Builder < 3.6.2 - Unauthenticated SSRF

Fusion Builder <= 3.6.1 & Avada <= 7.6.1 - Unauthenticated Server-Side Request Forgery

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.

Mögliche Gegenmaßnahme

Avada (Fusion) Builder: Update to version 3.6.2, or a newer patched version

Avada | Website Builder For WordPress & WooCommerce: Update to version 7.6.2, or a newer patched version

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

NVD 2 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Fusion Builder Project ≫ Fusion Builder SwPlatformwordpress Version < 3.6.2

Theme-fusion ≫ Avada SwPlatformwordpress Version < 7.6.2

Weitere Schwachstelleninformationen

SystemWordPress Plugin

≫

Produkt Avada (Fusion) Builder

Version [*, 3.6.2)

SystemWordPress Theme

≫

Produkt Avada | Website Builder For WordPress & WooCommerce

Version [*, 7.6.2)

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	71.72%	0.993

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://theme-fusion.com/version-7-6-2-security-update/

Patch

Third Party Advisory

Release Notes

https://wpscan.com/vulnerability/bf7034ab-24c4-461f-a709-3f73988b536b

Third Party Advisory

Exploit

https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/

Patch

Third Party Advisory

https://www.wordfence.com/threat-intel/vulnerabilities/id/ad3de7e6-a080-4ce8-aa27-21e7f8fdb2c7

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-1386

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-1386

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-1386

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-1386