CVE-2020-17496

CVSS 9.8 (Critical) · EPSS 87.7% · Listed in CISA KEV · CWE-74
In short

vBulletin versions 5.5.4 to 5.6.2 contain a critical flaw that allows attackers to execute arbitrary commands on the server by sending specially crafted requests. This is a serious vulnerability because it gives attackers complete control over the affected website.

Technical detail

The vulnerability exists in the ajax/render/widget_tabbedcontainer_tab_panel endpoint where unsanitized subWidgets data is processed, allowing unauthenticated remote command execution. This issue represents an incomplete remediation of CVE-2019-16759, enabling attackers to bypass the previous patch through alternative input vectors and achieve arbitrary code execution on the server.

Summary generated and translated by AI from the official description.

Official description: vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
