#VU36746 Code Injection in SeaCMS


Published: 2018-09-02 | Updated: 2020-08-08

Vulnerability identifier: #VU36746

Vulnerability risk: Medium

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16343

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
SeaCMS
Web applications / CMS

Vendor: SeaCMS .Net

Description

The vulnerability allows a remote privileged user to execute arbitrary code.

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.

Mitigation
Install update from vendor's website.

Vulnerable software versions

SeaCMS: 6.61

External links
http://zhinianyuxin.postach.io/post/seacms-v6-61-latest-version-backend-rce
http://github.com/cumtxujiabin/CmsPoc/blob/master/Seacms_v6.61_backend_RCE.md

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in SeaCMS