CVE-2019-16885

Опубликовано: 03 дек. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Средний

Описание

In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remote code execution by injecting a malicious PHP object via a crafted cookie. This could happen at two places: first in view/ProductsView.php using the cookie price_filter, and second in api/Comparison.php via the cookie comparison.

Ссылки

http://packetstormsecurity.com/files/155583/OkayCMS-2.3.4-Remote-Code-Execution.html
Exploit
Third Party Advisory
http://seclists.org/fulldisclosure/2019/Dec/15
Exploit
Third Party Advisory
https://www.ait.ac.at/ait-sa-20191129-01-unauthenticated-remote-code-execution-okaycms
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/155583/OkayCMS-2.3.4-Remote-Code-Execution.html
Exploit
Third Party Advisory
http://seclists.org/fulldisclosure/2019/Dec/15
Exploit
Third Party Advisory
https://www.ait.ac.at/ait-sa-20191129-01-unauthenticated-remote-code-execution-okaycms
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:okay-cms:okaycms:*:*:*:*:*:*:*:*

Версия до 2.3.4 (включая)

EPSS

Процентиль: 95%

0.16895

Средний

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-8gmp-r363-hj9m