PHP file inclusion in Apex Central - CVE-2023-52325
Published: January 9, 2024 / Updated: January 11, 2024
Vulnerability identifier: #VU85231
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-52325
CWE-ID: CWE-98
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Trend Micro
Affected software:
Apex Central
Apex Central
Detailed vulnerability description
The vulnerability allows a remote user to include and execute arbitrary PHP files on the server.
The vulnerability exists due to incorrect input validation when including PHP files within the getObjWGFServiceApiByApiName function in the WFProxy widget. A remote user can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.
How to mitigate CVE-2023-52325
Install updates from vendor's website.