#VU38190 Code Injection in GeniXCMS


Published: 2017-09-27 | Updated: 2020-08-08

Vulnerability identifier: #VU38190

Vulnerability risk: High

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-14764

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GeniXCMS
Web applications / CMS

Vendor: MetalGenix

Description

The vulnerability allows a remote authenticated user to execute arbitrary code.

In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.

Mitigation
Install update from vendor's website.

Vulnerable software versions

GeniXCMS: 1.1.4

External links
http://ph0rse.me/2017/09/21/GeniXCMS-1-1-4%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC-getshell/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in MetalGenix GeniXCMS