CVE-2020-11060

Remote Code Execution in GLPI

CVSS 7.4 HIGHEPSS 10.9%CWE-74

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account having Maintenance privileges and the right to add WIFI networks. This is fixed in version 9.4.6.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

Affected products

glpi-project · GLPI

public PoCs found — 4

githubgithub.com/0xdreadnaught/cve-2020-11060-poc★ 8 cve_referencepacketstormsecurity.com/files/163119/GLPI-9.4.5-Remote-Code-Execution.htmlunverified exploitdbwww.exploit-db.com/exploits/49992unverified exploitdbwww.exploit-db.com/exploits/51726unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/163119/GLPI-9.4.5-Remote-Code-Execution.html https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f