Описание
Unauthenticated remote code execution in Ignition
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-3129
- https://github.com/facade/ignition/pull/334
- https://github.com/facade/ignition/commit/11ffca14abd22db779d90b12e193f8000f6d184b
- https://github.com/FriendsOfPHP/security-advisories/blob/master/facade/ignition/CVE-2021-3129.yaml
- https://www.ambionics.io/blog/laravel-debug-rce
- http://packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html
Пакеты
facade/ignition
>= 2.5.0, < 2.5.2
2.5.2
facade/ignition
>= 2.0.0, < 2.4.2
2.4.2
facade/ignition
>= 1.7.0, < 1.16.14
1.16.14
facade/ignition
< 1.6.15
1.6.15
Связанные уязвимости
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Уязвимость реализации функций file_get_contents() и file_put_contents() библиотеки Ignition PHP-фреймворка Laravel, позволяющая нарушителю выполнить произвольный код