CVE-2023-33177

EPSS 7.09%
Veröffentlicht 30.05.2023 20:15:10
Zuletzt bearbeitet 21.11.2024 08:05:03
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

Xibo CMS vulnerable to Remote Code Execution through Zip Slip

Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip file can be uploaded to the CMS via the layout import function by an authenticated user which would allow creation of files outside of the CMS library directory as the webserver user. This can be used to upload a PHP webshell inside the web root directory and achieve remote code execution as the webserver user. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. Customers who host their CMS with Xibo Signage have already received an upgrade or patch to resolve this issue regardless of the CMS version that they are running.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xibosignage ≫ Xibo Version >= 1.8.0 < 2.3.17

Xibosignage ≫ Xibo Version >= 3.0.0 < 3.3.5

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.09%	0.934

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security-advisories@github.com	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://claroty.com/team82/disclosure-dashboard

Third Party Advisory

https://github.com/xibosignage/xibo-cms/commit/1cbba380fa751a00756e70d7b08b5c6646092658

Patch

https://github.com/xibosignage/xibo-cms/commit/45c6b53c3978639db03b63270a56f4397f49b2c9

Patch

https://github.com/xibosignage/xibo-cms/security/advisories/GHSA-jj27-x85q-crqv

Patch

Vendor Advisory

https://xibosignage.com/blog/security-advisory-2023-05/

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-33177