CVE-2020-35734

Опубликовано: 15 фев. 2021

Источник: nvd

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user's data (username, displayed name, etc.). NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Ссылки

http://packetstormsecurity.com/files/161457/Batflat-CMS-1.3.6-Remote-Code-Execution.html
Exploit
Third Party Advisory
https://batflat.org/en/changelog
Release Notes
Vendor Advisory
https://github.com/sruupl/batflat/issues/98
Exploit
Third Party Advisory
https://secator.pl/index.php/2021/02/15/batflat-v-1-3-6-authenticated-remote-code-execution-public-disclosure/
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/161457/Batflat-CMS-1.3.6-Remote-Code-Execution.html
Exploit
Third Party Advisory
https://batflat.org/en/changelog
Release Notes
Vendor Advisory
https://github.com/sruupl/batflat/issues/98
Exploit
Third Party Advisory
https://secator.pl/index.php/2021/02/15/batflat-v-1-3-6-authenticated-remote-code-execution-public-disclosure/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:batflat:batflat:1.3.6:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05156

Низкий

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-2wjg-24qc-pq5v