Описание
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an __destruct magic method in guzzlehttp.
Ссылки
- PatchThird Party Advisory
- ExploitThird Party Advisory
- Vendor Advisory
- PatchThird Party Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.9.5-3 (включая)
cpe:2.3:a:opencats:opencats:*:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.27726
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-502
Связанные уязвимости
github
больше 3 лет назад
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote code execution. This occurs because lib/DataGrid.php calls unserialize for the parametersactivity:ActivityDataGrid parameter. The PHP object injection exploit chain can leverage an __destruct magic method in guzzlehttp.
EPSS
Процентиль: 96%
0.27726
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-502