Main Vulnerability Database Exploits ID:1508 - Exploit for Code Injection in Totaljs CMS - CVE-2019-15954

ID:1508 - Exploit for Code Injection in Totaljs CMS - CVE-2019-15954

Published: March 18, 2020

Vulnerability identifier: #VU20849

Vulnerability risk: Medium

CVE-ID: CVE-2019-15954

CWE-ID: CWE-94

Exploitation vector: Remote access

Vulnerable software:
Totaljs CMS

Link to public exploit:

https://www.rapid7.com/db/modules/exploit/multi/http/totaljs_cms_widget_exec

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation in widget creation. A remote authenticated user with “widgets” privilege can send a malicious widget with a special tag containing JavaScript code that will be evaluated server side and execute arbitrary code on the target system. In the process of evaluating the tag by back-end is possible to escape the sandbox object by using the following payload:

<script
total>global.process.mainModule.require(‘child_process’).exec(‘RCE here’);

</script>

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:1508 - Exploit for Code Injection in Totaljs CMS - CVE-2019-15954

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human