← volver
CVE-2017-7981

CVE-2017-7981

EPSS 16.1%
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this value, even with shell metacharacters, as demonstrated by a '<?plugin SyntaxHighlighter syntax="c;id"' line to execute the id command.
Productos afectados
n/a · n/a
PoCs públicas encontradas2
cve_referencewww.exploit-db.com/exploits/41953/no verificadoexploitdbwww.exploit-db.com/exploits/41953no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/xdrr/vulnerability-research/blob/master/webapp/tuleap/2017.04.tuleap-auth-ci.mdhttps://tuleap.net/file/shownotes.php?release_id=137#/linked-artifactshttps://tuleap.net/plugins/tracker/?aid=10159https://www.exploit-db.com/exploits/41953/