CVE-2017-18357

Опубликовано: 15 янв. 2019

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Средний

Описание

Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.

Ссылки

http://packetstormsecurity.com/files/152995/Shopware-createInstanceFromNamedArguments-PHP-Object-Instantiation.html
https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/
Exploit
Third Party Advisory
https://demo.ripstech.com/projects/shopware_5.3.3
Third Party Advisory
http://packetstormsecurity.com/files/152995/Shopware-createInstanceFromNamedArguments-PHP-Object-Instantiation.html
https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/
Exploit
Third Party Advisory
https://demo.ripstech.com/projects/shopware_5.3.3
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*

Версия до 5.3.4 (исключая)

EPSS

Процентиль: 98%

0.57295

Средний

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-610

Связанные уязвимости

GHSA-6m27-7cqj-2mxw