CVE-2019-10068
In short
Kentico's staging service failed to validate security headers, allowing attackers to skip authentication and execute arbitrary code on the server by sending specially crafted requests with malicious data.
Technical detail
A security header validation bypass in the staging service allows unauthenticated attackers to send specially crafted requests containing user-controlled .NET serialized objects. The application deserializes this input without proper validation, leading to unauthenticated remote code execution (RCE) on the server hosting the Kentico instance.
Summary generated and translated by AI from the official description.
An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure to validate security headers, it was possible for a specially crafted request to the staging service to bypass the initial authentication and proceed to deserialize user-controlled .NET object input. This deserialization then led to unauthenticated remote code execution on the server where the Kentico instance was hosted.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
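As an added example (not code from the advisory or from Kentico), the version ranges above can be turned into an exposure check for inventory data; it assumes Kentico versions are written as major.minor.hotfix, and a result of False only means the version is outside the ranges this advisory names.

```python
"""Check Kentico version strings against the affected ranges in CVE-2019-10068."""
import re
from typing import Optional, Tuple

# Ranges taken from the advisory: (major, minor) -> first fixed hotfix number.
# 9.x is listed as affected with no fixed build, so it is handled separately.
AFFECTED_RANGES = {
    (12, 0): 15,   # 12.0.x before 12.0.15
    (11, 0): 48,   # 11.0.x before 11.0.48
    (10, 0): 52,   # 10.0.x before 10.0.52
}
MAJORS_AFFECTED_ENTIRELY = {9}

# Assumed format: "12.0.14" or "12.0" (missing hotfix treated as 0, the base release).
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?\s*$")


def parse_version(version: str) -> Optional[Tuple[int, int, int]]:
    """Parse 'major.minor[.hotfix]' into a tuple; None if the string is malformed."""
    match = VERSION_RE.match(version)
    if not match:
        return None
    major, minor, hotfix = match.groups()
    return int(major), int(minor), int(hotfix or 0)


def is_affected(version: str) -> Optional[bool]:
    """True if inside a stated range, False if outside all of them, None if unparsable."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    major, minor, hotfix = parsed
    if major in MAJORS_AFFECTED_ENTIRELY:
        return True
    first_fixed = AFFECTED_RANGES.get((major, minor))
    if first_fixed is None:
        return False
    return hotfix < first_fixed


if __name__ == "__main__":
    # Constructed sample inventory, including an unparsable entry.
    for v in ["12.0.14", "12.0.15", "11.0.47", "10.0.52", "9.0.50", "13.0.1", "n/a"]:
        print(f"{v:>8}: {is_affected(v)}")
```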
Affected products
n/a
Public PoCs found: 2
GitHub: github.com/0x7a-zip/CVE-2019-10068-PoC
CVE reference (unverified): packetstormsecurity.com/files/157588/Kentico-CMS-12.0.14-Remote-Command-Execution.html