CVE-2021-3129
In short
Ignition, the error page and debugging tool bundled with Laravel, has a flaw that lets an unauthenticated attacker execute arbitrary code on the web server whenever the application is running in debug mode. The cause is that Ignition reads and writes a file whose path comes straight from the request, without checking what that path is.
Technical detail
Ignition before 2.5.2 passes an attacker-controlled file path to file_get_contents() and file_put_contents() without validating it, which lets an unauthenticated remote attacker achieve code execution on a Laravel application running with debug mode enabled (Laravel before 8.4.2). The attack is network-based and needs neither privileges nor user interaction. The path reaches those calls through Ignition's "runnable solutions" feature: the MakeViewVariableOptionalSolution solution, invoked via POST /_ignition/execute-solution, takes a viewFile parameter that it reads, rewrites and writes back (the write-up by ambionics under References documents the full chain). An arbitrary read/write on its own is not code execution; what makes it one is that PHP accepts stream wrappers such as php://filter and phar:// wherever a file path is expected, so the same two calls can be made to transform a file the attacker already influences (for example the application log) and then to deserialize it. The upstream fix (facade/ignition pull request 334, under References) validates the path before it is used. Practical checks: composer show facade/ignition must report 2.5.2 or later, and APP_DEBUG must be false in production, since debug mode off closes the endpoint regardless of the Ignition version. CISA lists this CVE in its Known Exploited Vulnerabilities catalog (link under References), so treat exposed debug-mode hosts as already scanned.
Summary generated and translated by AI from the official description.
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, Critical)
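The following Python is an added example for this page, not code from Ignition, Laravel or any of the PoCs listed below. It shows the two things a practitioner wants from the description above: a detection rule that triages requests to the solution runner and flags a viewFile carrying a PHP stream wrapper (the CVE-2021-3129 primitive), and a reconstructed allow-list of the kind the fix applies to that parameter. The endpoint path, the solution class name, the parameter names and the shape of the allow-list are assumptions about Ignition's request format and fix, not something this page states; the sample requests are constructed, not captured traffic.

```python
"""Triage requests to Ignition's solution runner for CVE-2021-3129 patterns.

Added example for this page; not code from Ignition, Laravel or any listed PoC.
Assumptions not stated on the page: Ignition's solution runner is reachable at
POST /_ignition/execute-solution with a JSON body holding "solution" (a class
name) and "parameters"; MakeViewVariableOptionalSolution hands
parameters["viewFile"] to file_get_contents()/file_put_contents().
is_safe_view_path() is our reconstruction of an allow-list in the spirit of the
upstream fix, not the project's code.
"""
import json
import re
from dataclasses import dataclass
from typing import List, Tuple

IGNITION_ENDPOINT = "/_ignition/execute-solution"
TARGET_SOLUTION = "MakeViewVariableOptionalSolution"   # matched by suffix; namespace varies

# Anything with a URL scheme is a PHP stream wrapper, not a file on disk.
# php://filter rewrites data as it is read or written and phar:// deserializes
# archive metadata on open, which is what turns "read + write a file" into RCE.
STREAM_WRAPPER_RE = re.compile(r"^[a-z][a-z0-9+.-]*://", re.IGNORECASE)


def is_safe_view_path(path: object) -> bool:
    """Allow-list for the viewFile parameter (reconstruction, see module docstring).

    Accepts only a plain local path, absolute or ./-relative, ending in
    .blade.php and containing no '..' segment. Every stream wrapper is rejected
    by the scheme check regardless of how the rest of the path looks.
    """
    if not isinstance(path, str):
        return False
    if STREAM_WRAPPER_RE.match(path):
        return False
    if not (path.startswith("/") or path.startswith("./")):
        return False
    if ".." in path.split("/"):
        return False          # stricter than a bare prefix/suffix check
    return path.endswith(".blade.php")


@dataclass
class Finding:
    verdict: str   # not_applicable | allowed | suspicious | exploit_attempt
    reason: str


def classify_request(method: str, path: str, body: str) -> Finding:
    """Classify one HTTP request (method, path, raw body) against the CVE pattern."""
    if method.upper() != "POST" or path.split("?", 1)[0].rstrip("/") != IGNITION_ENDPOINT:
        return Finding("not_applicable", "not a request to the Ignition solution runner")
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return Finding("suspicious", "non-JSON body sent to the solution runner")
    if not isinstance(data, dict):
        return Finding("suspicious", "JSON body is not an object")
    solution = str(data.get("solution", ""))
    params = data.get("parameters") or {}
    if not solution.endswith(TARGET_SOLUTION):
        # Other runnable solutions also execute server-side code paths; worth a
        # look, but they are not the CVE-2021-3129 file read/write primitive.
        return Finding("suspicious", f"solution runner invoked: {solution or '<missing>'}")
    view_file = params.get("viewFile", "") if isinstance(params, dict) else ""
    if not isinstance(view_file, str):
        return Finding("suspicious", "viewFile is not a string")
    wrapper = STREAM_WRAPPER_RE.match(view_file)
    if wrapper:
        return Finding("exploit_attempt", f"stream wrapper in viewFile: {wrapper.group(0)}")
    if not is_safe_view_path(view_file):
        return Finding("suspicious", f"viewFile outside the allow-list: {view_file}")
    return Finding("allowed", "well-formed MakeViewVariableOptionalSolution request")


def _solution_body(view_file: str) -> str:
    """Build the JSON body the solution runner expects (assumed format)."""
    return json.dumps({
        "solution": "Facade\\Ignition\\Solutions\\MakeViewVariableOptionalSolution",
        "parameters": {"variableName": "username", "viewFile": view_file},
    })


# Constructed sample requests (not captured traffic).
SAMPLE_REQUESTS: List[Tuple[str, str, str]] = [
    ("GET", "/", ""),
    ("POST", IGNITION_ENDPOINT,
     _solution_body("php://filter/write=convert.base64-decode/resource=/var/www/storage/logs/laravel.log")),
    ("POST", IGNITION_ENDPOINT, _solution_body("phar:///var/www/storage/logs/laravel.log")),
    ("POST", IGNITION_ENDPOINT, _solution_body("/var/www/resources/views/welcome.blade.php")),
    ("POST", IGNITION_ENDPOINT, "{not json"),
]


def triage(requests=SAMPLE_REQUESTS) -> List[str]:
    """Return one verdict per request, in order."""
    return [classify_request(m, p, b).verdict for m, p, b in requests]


if __name__ == "__main__":
    for method, path, body in SAMPLE_REQUESTS:
        f = classify_request(method, path, body)
        print(f"{f.verdict:16} {method} {path}  {f.reason}")
```

Feed classify_request() from a source that retains request bodies (a WAF, reverse proxy with body logging, or the application's own request log); a plain access log does not contain the JSON and will only show the POST to the endpoint. An "allowed" verdict is not a clean bill of health: it means the solution runner answered at all, which on a production host is itself the finding, because the endpoint exists only when debug mode is on.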
Affected products
n/a · n/a (no vendor/product entries recorded on this page; per the description above, facade/ignition before 2.5.2 on Laravel before 8.4.2 with debug mode enabled)
Public PoCs found — 32
github.com/ambionics/laravel-exploits (GitHub, ★ 290)
github.com/zhzyker/CVE-2021-3129 (GitHub, ★ 163)
github.com/joshuavanderpoll/CVE-2021-3129 (GitHub, ★ 147)
github.com/SNCKER/CVE-2021-3129 (GitHub, ★ 133)
github.com/SecPros-Team/laravel-CVE-2021-3129-EXP (GitHub, ★ 78)
github.com/nth347/CVE-2021-3129_exploit (GitHub, ★ 69)
github.com/crisprss/Laravel_CVE-2021-3129_EXP (GitHub, ★ 18)
github.com/ajisai-babu/CVE-2021-3129-exp (GitHub, ★ 13)
github.com/knqyf263/CVE-2021-3129 (GitHub, ★ 12)
github.com/0x0d3ad/CVE-2021-3129 (GitHub, ★ 10)
github.com/MadExploits/Laravel-debug-Checker (GitHub, ★ 7)
github.com/0nion1/CVE-2021-3129 (GitHub, ★ 6)
github.com/shadowabi/Laravel-CVE-2021-3129 (GitHub, ★ 5)
github.com/Axianke/CVE-2021-3129 (GitHub, ★ 5)
github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129 (GitHub, ★ 2)
github.com/wmasday/CVE-2021-3129 (GitHub, ★ 2)
github.com/idea-oss/laravel-CVE-2021-3129-EXP (GitHub, ★ 1)
github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE (GitHub, ★ 1)
github.com/keyuan15/CVE-2021-3129 (GitHub, ★ 1)
github.com/cc3305/CVE-2021-3129 (GitHub, ★ 0)
github.com/Y0s9/CVE-2021-3129 (GitHub, ★ 0)
github.com/hupe1980/CVE-2021-3129 (GitHub, ★ 0)
github.com/qaisarafridi/cve-2021-3129 (GitHub, ★ 0)
github.com/Zoo1sondv/CVE-2021-3129 (GitHub, ★ 0)
github.com/miko550/CVE-2021-3129 (GitHub, ★ 0)
github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner (GitHub, ★ 0)
github.com/piperpwn/CVE-2021-3129-piperpwn (GitHub, ★ 0)
github.com/GodOfServer/CVE-2021-3129 (GitHub, ★ 0)
github.com/Prabesh01/hoh4 (GitHub, ★ 0)
www.exploit-db.com/exploits/49424 (Exploit-DB, unverified)
packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html (Packet Storm, CVE reference, unverified)
packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html (Packet Storm, CVE reference, unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html
https://github.com/facade/ignition/pull/334
https://www.ambionics.io/blog/laravel-debug-rce
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3129