8.8
CVE-2024-8480
- EPSS 0.85%
- Veröffentlicht 06.09.2024 04:15:05
- Zuletzt bearbeitet 26.09.2024 18:13:58
- Quelle security@wordfence.com
- CVE-Watchlists
- Unerledigt
LoginImage Optimizer, Resizer and CDN – Sirv <= 7.2.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload
Image Optimizer, Resizer and CDN – Sirv <= 7.2.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Upload
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sirv_save_prevented_sizes' function in all versions up to, and including, 7.2.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to exploit the 'sirv_upload_file_by_chunks_callback' function, which lacks proper file type validation, allowing attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Mögliche Gegenmaßnahme
Image Optimizer, Resizer and CDN – Sirv: Update to version 7.2.8, or a newer patched version
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.85% | 0.534 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| security@wordfence.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
https://plugins.trac.wordpress.org/browser/sirv/tags/7.2.7/sirv.php#L6331
https://plugins.trac.wordpress.org/browser/sirv/trunk/sirv.php?rev=3103410#L4647
https://plugins.trac.wordpress.org/changeset/3115018/
https://www.wordfence.com/threat-intel/vulnerabilities/id/1e3e628f-b5e7-40fd-9d34-4a3b23e1e0e7?source=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/1e3e628f-b5e7-40fd-9d34-4a3b23e1e0e7