CVE-2021-47938

ImpressCMS 1.4.2 Remote Code Execution via Autotasks

CVSS 8.7 HIGHEPSS 0.6%CWE-94

ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by injecting malicious code into the sat_code parameter. Attackers can authenticate, submit a POST request to /modules/system/admin.php?fct=autotasks&op=mod with crafted sat_code containing PHP commands, which creates an executable file that accepts arbitrary commands via GET parameters.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Impresscms · ImpressCMS

public PoCs found — 1

cve_referencewww.exploit-db.com/exploits/50298unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.exploit-db.com/exploits/50298 https://www.impresscms.org/https://www.impresscms.org/modules/downloads/https://www.vulncheck.com/advisories/impresscms-remote-code-execution-via-autotasks