← back
CVE-2018-25357

Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php

CVSS 9.3 CRITICALEPSS 1.7%CWE-94
Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the db_name parameter, then execute commands via the check.php endpoint using the cmd GET parameter.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
Dolibarr · Dolibarr ERP CRM
public PoCs found1
cve_referencewww.exploit-db.com/exploits/44964unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://dolibarr.orghttps://github.com/Dolibarr/dolibarrhttps://www.exploit-db.com/exploits/44964https://www.vulncheck.com/advisories/dolibarr-erp-crm-remote-code-evaluation-via-install-step1-php