CVE-2017-17672

Опубликовано: 14 дек. 2017

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.

Ссылки

https://blogs.securiteam.com/index.php/archives/3573
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/43362/
Exploit
Third Party Advisory
VDB Entry
https://blogs.securiteam.com/index.php/archives/3573
Exploit
Third Party Advisory
https://www.exploit-db.com/exploits/43362/
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*

Версия от 5.0.1 (включая) до 5.3.3 (включая)

cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_11:*:*:*:*:*:*

cpe:2.3:a:vbulletin:vbulletin:5.0.0:beta_28:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08279

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-502

Связанные уязвимости

GHSA-fxrf-cmv6-rm5j