CVE-2021-3129
In short
Ignition, a debugging tool shipped with Laravel, has a flaw that lets an attacker run arbitrary code on a site without any credentials, provided the site is running in debug mode. The cause is that the tool reads and writes files using paths it does not validate.
Technical detail
Ignition before 2.5.2 calls file_get_contents() and file_put_contents() on paths without adequate validation, allowing unauthenticated attackers to execute code remotely on Laravel applications running in debug mode (Laravel before 8.4.2). The vulnerability requires no authentication, has a network attack vector and needs no user interaction.
Summary generated and translated by AI from the official description.
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base score 9.8, Critical)
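To make the "insecure usage of file_get_contents() and file_put_contents()" concrete, here is an added illustration of the pattern described above, written for this page; it is not Ignition's own code and not the upstream fix (that is facade/ignition pull 334, linked in the references). The first function shows the unsafe shape: a debug action takes a file path from the request and passes it straight to the file API, which in PHP also honours stream wrappers such as phar:// and php://, so the "file" need not be a plain local file at all, and any writable path can be overwritten. The second function is a hardened version under assumptions of our own: views live under a known directory, only existing .blade.php files may be touched, and variable names are restricted to identifiers. The function names, the $viewRoot parameter and the scratch directory used in the demo are all inventions for the example.

```php
<?php
// Added illustration for CVE-2021-3129 (not Ignition's code): the unsafe
// pattern the advisory describes, next to a hardened version.

// Vulnerable shape: the path comes straight from the request. PHP's file
// functions accept stream wrappers (phar://, php://, data:// ...), so the
// attacker is not limited to plain files, and the write is unrestricted.
function makeVariableOptionalUnsafe(array $params): void
{
    $viewFile = $params['viewFile'];          // attacker-controlled, unchecked
    $variable = $params['variableName'];

    $contents = file_get_contents($viewFile); // any wrapper, any path
    $patched  = str_replace('$' . $variable, '$' . $variable . " ?? ''", $contents);
    file_put_contents($viewFile, $patched);   // arbitrary file write
}

// Hardened shape. Assumptions (ours, not the project's): Blade views live
// under $viewRoot and only existing .blade.php files inside it may be rewritten.
function makeVariableOptionalSafe(array $params, string $viewRoot): void
{
    $viewFile = (string) ($params['viewFile'] ?? '');
    $variable = (string) ($params['variableName'] ?? '');

    // 1. Refuse empty paths and anything with a scheme: stream wrappers never
    //    reach the file API.
    if ($viewFile === '' || preg_match('#^[a-z][a-z0-9+.\-]*://#i', $viewFile)) {
        throw new InvalidArgumentException('refusing empty path or stream wrapper');
    }
    // 2. Only Blade templates are legitimate targets for this action.
    if (substr($viewFile, -10) !== '.blade.php') {
        throw new InvalidArgumentException('not a Blade view');
    }
    // 3. Canonicalise and confine to the view directory. realpath() resolves
    //    ../ and symlinks and returns false for files that do not exist.
    $realRoot = realpath($viewRoot);
    $realFile = realpath($viewFile);
    if ($realRoot === false || $realFile === false
        || strncmp($realFile, $realRoot . DIRECTORY_SEPARATOR, strlen($realRoot) + 1) !== 0) {
        throw new InvalidArgumentException('path missing or outside the view directory');
    }
    // 4. Restrict the variable name so the replacement cannot inject code.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $variable)) {
        throw new InvalidArgumentException('invalid variable name');
    }

    $contents = file_get_contents($realFile);
    $patched  = str_replace('$' . $variable, '$' . $variable . " ?? ''", $contents);
    file_put_contents($realFile, $patched);
}

// Demonstration on a scratch view directory (constructed for the example).
$root = sys_get_temp_dir() . '/views_' . bin2hex(random_bytes(4));
mkdir($root);
file_put_contents("$root/welcome.blade.php", "Hello {{ \$name }}\n");

makeVariableOptionalSafe(['viewFile' => "$root/welcome.blade.php", 'variableName' => 'name'], $root);
echo file_get_contents("$root/welcome.blade.php");   // Hello {{ $name ?? '' }}

foreach (['phar://evil.phar/x.blade.php', '/etc/passwd', "$root/../other.blade.php"] as $bad) {
    try {
        makeVariableOptionalSafe(['viewFile' => $bad, 'variableName' => 'name'], $root);
        echo "ACCEPTED: $bad\n";
    } catch (InvalidArgumentException $e) {
        echo "rejected $bad: {$e->getMessage()}\n";
    }
}

unlink("$root/welcome.blade.php");
rmdir($root);
```

The three rejected inputs cover the cases that matter: a stream wrapper (stopped before any file call), a real file of the wrong kind, and a traversal to a path that does not exist under the view root. Independently of the code-level fix, the precondition in the advisory is debug mode, so a Laravel deployment with APP_DEBUG=false in production is not reachable through this path at all; upgrading Ignition to 2.5.2 or later removes the flaw regardless of the debug setting.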
Affected products
n/a · n/a

Public PoCs found: 32
github · github.com/ambionics/laravel-exploits ★ 290
github · github.com/zhzyker/CVE-2021-3129 ★ 163
github · github.com/joshuavanderpoll/CVE-2021-3129 ★ 147
github · github.com/SNCKER/CVE-2021-3129 ★ 133
github · github.com/SecPros-Team/laravel-CVE-2021-3129-EXP ★ 78
github · github.com/nth347/CVE-2021-3129_exploit ★ 69
github · github.com/crisprss/Laravel_CVE-2021-3129_EXP ★ 18
github · github.com/ajisai-babu/CVE-2021-3129-exp ★ 13
github · github.com/knqyf263/CVE-2021-3129 ★ 12
github · github.com/0x0d3ad/CVE-2021-3129 ★ 10
github · github.com/MadExploits/Laravel-debug-Checker ★ 7
github · github.com/0nion1/CVE-2021-3129 ★ 6
github · github.com/shadowabi/Laravel-CVE-2021-3129 ★ 5
github · github.com/Axianke/CVE-2021-3129 ★ 5
github · github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129 ★ 2
github · github.com/wmasday/CVE-2021-3129 ★ 2
github · github.com/idea-oss/laravel-CVE-2021-3129-EXP ★ 1
github · github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE ★ 1
github · github.com/keyuan15/CVE-2021-3129 ★ 1
github · github.com/cc3305/CVE-2021-3129 ★ 0
github · github.com/Y0s9/CVE-2021-3129 ★ 0
github · github.com/hupe1980/CVE-2021-3129 ★ 0
github · github.com/qaisarafridi/cve-2021-3129 ★ 0
github · github.com/Zoo1sondv/CVE-2021-3129 ★ 0
github · github.com/miko550/CVE-2021-3129 ★ 0
github · github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner ★ 0
github · github.com/piperpwn/CVE-2021-3129-piperpwn ★ 0
github · github.com/GodOfServer/CVE-2021-3129 ★ 0
github · github.com/Prabesh01/hoh4 ★ 0
exploitdb · www.exploit-db.com/exploits/49424 (unverified)
cve_reference · packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html (unverified)
cve_reference · packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html (unverified)

⚠ Public resources, listed so you can assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html
http://packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html
https://github.com/facade/ignition/pull/334
https://www.ambionics.io/blog/laravel-debug-rce
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3129