7.5

CVE-2024-45293

Exploit

PHPSpreadsheet Library < 2.3.0 - XXE Injection

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner that is meant to prevent XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure using whitespace. On servers that allow users to upload their own Excel (XLSX) sheets, server files and sensitive information can be disclosed by providing a crafted sheet. The security scan function in src/PhpSpreadsheet/Reader/Security/XmlScanner.php contains a flawed XML encoding check: the toUtf8 function retrieves the input file's XML encoding with a regex that looks for `encoding="*"` and/or `encoding='*'`, and if no match is found it defaults to UTF-8, which bypasses the conversion logic. By placing whitespace before or after the `=` in the attribute definition, a UTF-7 encoded XXE payload can be passed through this check. The result is sensitive information disclosure through XXE on sites that allow users to upload their own Excel spreadsheets and parse them with PHPSpreadsheet's Excel parser. This issue has been addressed in release versions 1.29.1, 2.1.1, and 2.3.0. All users are advised to upgrade. There are no known workarounds for this vulnerability.
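The following is an added defensive illustration of the check described above; it is not PhpSpreadsheet's own code. A regex modelled on the flawed check (no whitespace around `=`) is contrasted with a whitespace-tolerant one, and a scan function decodes the document to UTF-8 before looking for DOCTYPE/ENTITY markup; the constant and function names are assumptions, and the sample declarations are constructed and carry no entity payload.

```php
<?php
declare(strict_types=1);
// Added example, not PhpSpreadsheet's own code. NAIVE_ENCODING_RE is
// modelled on the flawed check described above (no whitespace allowed
// around "="); TOLERANT_ENCODING_RE accepts it and is anchored to the
// XML declaration. Function and constant names are assumptions.

const NAIVE_ENCODING_RE = '/encoding=(["\'])(?P<enc>[^"\']*)\1/i';
const TOLERANT_ENCODING_RE =
    '/^\s*<\?xml\b[^>]*?\bencoding\s*=\s*(["\'])(?P<enc>[^"\']*)\1/i';

/** Declared encoding in upper case, or UTF-8 when the pattern finds none. */
function declaredEncoding(string $xml, string $pattern): string
{
    return preg_match($pattern, $xml, $m) === 1 ? strtoupper($m['enc']) : 'UTF-8';
}

/**
 * Returns [safe, reason]: rejects an encoding mbstring does not know, and
 * rejects DOCTYPE/ENTITY markup after decoding to UTF-8 so that a non-UTF-8
 * declaration cannot hide it from the check.
 */
function scanXml(string $xml): array
{
    $charset = declaredEncoding($xml, TOLERANT_ENCODING_RE);
    if ($charset !== 'UTF-8') {
        if (!in_array($charset, array_map('strtoupper', mb_list_encodings()), true)) {
            return [false, "unknown declared encoding $charset"];
        }
        $xml = mb_convert_encoding($xml, 'UTF-8', $charset); // decode first
    }
    if (preg_match('/<!(?:DOCTYPE|ENTITY)\b/i', $xml) === 1) {
        return [false, 'DOCTYPE or ENTITY declaration present'];
    }
    return [true, 'ok'];
}
// Constructed declarations only (no entity payload). The narrow pattern
// misses the padded "encoding = ..." form and silently falls back to UTF-8.
$samples = [
    '<?xml version="1.0" encoding="UTF-7"?><root/>',
    '<?xml version="1.0" encoding = "UTF-7"?><root/>',
    "<?xml version='1.0' encoding ='utf-7'?><root/>",
    '<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE root><root/>',
];
foreach ($samples as $xml) {
    [$safe, $reason] = scanXml($xml);
    printf("naive=%-5s tolerant=%-5s safe=%-3s %s\n", declaredEncoding($xml, NAIVE_ENCODING_RE),
        declaredEncoding($xml, TOLERANT_ENCODING_RE), $safe ? 'yes' : 'no', $reason);
}
```

The second and third samples are where the two patterns disagree: the narrow one reports UTF-8 and would skip conversion, while the tolerant one reports UTF-7 and forces decoding before the DOCTYPE check runs.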
Possible countermeasure
Advanced Contact form 7 DB: No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
Import Content in WordPress & WooCommerce with Excel: Update to version 4.4, or a newer patched version
Products Stock Manager with Excel for WooCommerce Inventory: Update to version 2.1, or a newer patched version
TablePress – Tables in WordPress made easy: Update to version 2.4.3, or a newer patched version
Import Users & Customers | Export Users with Excel for WordPress & WooCommerce: Update to version 1.6, or a newer patched version
Visualizer: Tables and Charts Manager for WordPress: Update to version 3.11.7, or a newer patched version
Product Excel Import Export & Bulk Edit for WooCommerce: Update to version 4.7, or a newer patched version
Advanced Order Export For WooCommerce: Update to version 4.0.1, or a newer patched version
Product Excel Import & Export for WooCommerce: Update to version 6.0, or a newer patched version
Further vulnerability information
System | Product | Version
WordPress Plugin | Advanced Contact form 7 DB | *-2.0.5
WordPress Plugin | Import Content in WordPress & WooCommerce with Excel | *-4.3
WordPress Plugin | Products Stock Manager with Excel for WooCommerce Inventory | *-1.8
WordPress Plugin | TablePress – Tables in WordPress made easy | *-2.4.2
WordPress Plugin | Import Users & Customers | Export Users with Excel for WordPress & WooCommerce | *-1.5
WordPress Plugin | Visualizer: Tables and Charts Manager for WordPress | *-3.11.6
WordPress Plugin | Product Excel Import Export & Bulk Edit for WooCommerce | *-4.6
WordPress Plugin | Advanced Order Export For WooCommerce | *-3.6.0
WordPress Plugin | Product Excel Import & Export for WooCommerce | *-5.9
Data provided by the National Vulnerability Database (NVD)
Phpoffice Phpspreadsheet | Version < 1.29.1
Phpoffice Phpspreadsheet | Version >= 2.0.0 < 2.1.1
Phpoffice Phpspreadsheet | Version >= 2.2.0 < 2.3.0
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 71.63% | 0.987
CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String
nvd@nist.gov | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
security-advisories@github.com | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-611 Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.