#VU16041 Phar deserialization in phpBB - CVE-2018-19274
Published: November 23, 2018 / Updated: November 23, 2018
Vulnerability identifier: #VU16041
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-19274
CWE-ID: CWE-502
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
phpBB
Software vendor:
phpBB Group
Description
The vulnerability allows a remote attacker with administrator privileges to execute arbitrary PHP code.
The weakness exists in a feature that invokes the Imagick image editor binary. It is caused by Phar deserialization: when unsanitized user input reaches any PHP file system function, such as file_exists(), a phar:// path causes the archive's serialized metadata to be deserialized. A remote attacker with access to the Admin Control Panel and founder permissions can upload a malicious image file and edit it with Imagick to execute arbitrary PHP code on the underlying server, leading to a full site takeover.
Remediation
Update to version 3.2.4.
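The description above names the root cause of CWE-502 here: a user-supplied path reaching a PHP file system function, with the phar:// stream wrapper turning that call into a deserialization. The following is an added illustrative example written for this page, not phpBB's own code; the function names, the upload directory and the inputs are constructed. It shows the unchecked pattern beside a hardened version that rejects stream-wrapper schemes and confines the resolved path to an expected directory.

```php
<?php
// Added example, not phpBB code. Any PHP file system call, including
// file_exists(), on a phar:// path deserializes the archive's metadata
// (CWE-502). The hardened function below refuses wrapper schemes and
// confines the path to a single base directory.

// Unchecked pattern: attacker-controlled path reaches a file system function as-is.
function image_exists_unchecked(string $userPath): bool
{
    return file_exists($userPath); // a phar:// path triggers metadata deserialization here
}

// Hardened pattern.
function image_exists_checked(string $userPath, string $baseDir): bool
{
    // 1. Reject anything that looks like a stream wrapper (phar://, php://, data://, ...).
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $userPath)) {
        return false;
    }

    // 2. Drop any directory component the client supplied, then canonicalise
    //    and confine the result to the base directory.
    $base = realpath($baseDir);
    $resolved = realpath($baseDir . DIRECTORY_SEPARATOR . basename($userPath));
    if ($base === false || $resolved === false) {
        return false;
    }
    if (strpos($resolved, $base . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }

    return is_file($resolved);
}

// Additional mitigation when the application never reads .phar archives at
// runtime: remove the wrapper so phar:// paths cannot be opened at all.
// stream_wrapper_unregister('phar');

// Constructed inputs for a local check.
$uploadDir = sys_get_temp_dir();
$tmp = tempnam($uploadDir, 'img');           // a real file inside the base directory
var_dump(image_exists_checked(basename($tmp), $uploadDir));
var_dump(image_exists_checked('phar://evil.phar/x.jpg', $uploadDir));
var_dump(image_exists_checked('../../etc/passwd', $uploadDir));
unlink($tmp);
```

The scheme check is deliberately broad: rather than blocklisting phar:// alone, it treats any "scheme://" prefix as untrusted input, since other wrappers also change how a path is interpreted. Unregistering the phar wrapper is a coarse, application-wide control and should only be applied where no code path legitimately loads a .phar archive.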