exploitDog

CVE-2020-21523

Published: 30 Sep 2020
Source: nvd
CVSS3: 9.8
CVSS2: 10
EPSS: Low

Description

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 in the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}

Vulnerable configurations

Configuration 1
cpe:2.3:a:halo:halo:1.1.3:*:*:*:*:*:*:*

EPSS

Percentile: 74%
Score: 0.00837
Rating: Low

CVSS3: 9.8 Critical

CVSS2: 10 Critical

Weaknesses

CWE-74

Related vulnerabilities

github
more than 3 years ago

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 in the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}
