CVE-2011-10026

Опубликовано: 20 авг. 2025

Источник: nvd

CVSS3: 9.8

EPSS Средний

Описание

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.

Ссылки

https://github.com/spree
Product
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
Exploit
Third Party Advisory
https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
Vendor Advisory
https://www.exploit-db.com/exploits/17199
Exploit
VDB Entry
https://www.vulncheck.com/advisories/spreecommerce-api-rce
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:spreecommerce:spree:*:*:*:*:*:*:*:*

Версия до 0.50.1 (исключая)

EPSS

Процентиль: 98%

0.64724

Средний

9.8 Critical

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-x485-rhg3-cqr4

github

6 месяцев назад

Spree Commerce is vulnerable to RCE through Search API