Risk | High
Patch available | YES
Number of vulnerabilities | 2
CVE-ID | CVE-2019-17240, CVE-2019-16113
CWE-ID | CWE-307, CWE-94
Exploitation vector | Network
Public exploit | Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available.
Vulnerable software | Bludit (Web applications / CMS)
Vendor | Bludit
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
EUVDB-ID: #VU35191
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-17240
CWE-ID:
CWE-307 - Improper Restriction of Excessive Authentication Attempts
Exploit availability: Yes
Description: The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypass the login brute-force protection mechanism. The mechanism counts failed attempts per client IP address, and that address is taken from the client-supplied X-Forwarded-For or Client-IP HTTP headers, so an attacker who sends a different forged header value with each request is never counted as the same source and is never locked out.
Mitigation: Install the update from the vendor's website.
Vulnerable software versions: Bludit 3.9.2
External links:
http://github.com/bludit/bludit/pull/1090
http://rastating.github.io/bludit-brute-force-mitigation-bypass/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
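The defensive counterpart to the header-forgery bypass described above, as an added example that is not Bludit's own code: the attempt counter is keyed on the TCP peer address, and X-Forwarded-For is consulted only when that peer is a configured reverse proxy (the $trustedProxies list and the in-memory $attempts store are hypothetical stand-ins for real configuration and persistence).

```php
<?php
// Added example (not Bludit's code): resolve the client IP for a
// login brute-force counter without trusting forgeable headers.
// Assumptions: $trustedProxies and the in-memory $attempts array are
// hypothetical; a real deployment persists attempts and loads the
// proxy list from configuration.
declare(strict_types=1);

/**
 * Return the address to key failed-login counting on.
 * X-Forwarded-For is honoured only when the TCP peer (REMOTE_ADDR) is a
 * trusted reverse proxy. A direct client therefore cannot choose its own
 * identity by forging the header, and Client-IP is never consulted.
 */
function clientIpForRateLimit(array $server, array $trustedProxies): string
{
    $peer = $server['REMOTE_ADDR'] ?? '0.0.0.0';
    if (!in_array($peer, $trustedProxies, true)) {
        return $peer;               // untrusted peer: ignore all headers
    }
    $xff = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($xff === '') {
        return $peer;
    }
    // With one trusted proxy layer, the rightmost entry was appended by
    // that proxy and is the address that connected to it; entries to the
    // left arrived from the client and are not trusted.
    $hops = array_map('trim', explode(',', $xff));
    $candidate = end($hops);
    return filter_var($candidate, FILTER_VALIDATE_IP) !== false ? $candidate : $peer;
}

/** Record one failed login; return true once the source hits the limit. */
function recordFailure(array &$attempts, string $ip, int $limit = 10): bool
{
    $attempts[$ip] = ($attempts[$ip] ?? 0) + 1;
    return $attempts[$ip] >= $limit;
}

// Constructed requests: a direct client (not a proxy) sends a fresh forged
// X-Forwarded-For value on every attempt, as in the bypass above.
$attempts = [];
$trusted  = ['10.0.0.5'];
$blocked  = false;
for ($i = 1; $i <= 12; $i++) {
    $req = ['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => "198.51.100.$i"];
    $blocked = recordFailure($attempts, clientIpForRateLimit($req, $trusted));
}
// Every attempt is keyed on 203.0.113.7, so the forged headers do not
// reset the counter and $blocked becomes true once the limit is reached.
var_dump($blocked, $attempts);
```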
EUVDB-ID: #VU35528
Risk: High
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-16113
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: Yes
Description: The vulnerability allows a remote authenticated user to execute arbitrary code.
Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php: a file containing PHP code can be uploaded under a .jpg file name, and that PHP code can then write further PHP code to a ../ (directory traversal) pathname.
Mitigation: Install the update from the vendor's website.
Vulnerable software versions: Bludit 3.9.2
External links:
http://packetstormsecurity.com/files/155295/Bludit-Directory-Traversal-Image-File-Upload.html
http://packetstormsecurity.com/files/157988/Bludit-3.9.12-Directory-Traversal.html
http://packetstormsecurity.com/files/158569/Bludit-3.9.2-Directory-Traversal.html
http://github.com/bludit/bludit/issues/1081
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.