Remote code execution in Direct Mail extension for TYPO3



Published: 2023-12-18
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2023-50461
CWE-ID CWE-20
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Direct Mail
Web applications / Modules and components for CMS

Vendor

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Input validation error

EUVDB-ID: #VU84493

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-50461

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to the configuration injection in the "Configuration" backend module. A remote user can write arbitrary page TSConfig for folders configured as "Direct Mail" and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Direct Mail: before 9.5.2

External links

http://typo3.org/security/advisory/typo3-ext-sa-2023-011/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###