Vulnerability identifier: #VU40407
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Debian Linux
Operating systems & Components /
Operating system
SPIP
Web applications /
CMS
Description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites function.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Debian Linux: 7.0 - 8.0
SPIP: 2.0.0 - 2.0.22, 2.1.1 - 2.1.18, 3.0.0 - 3.0.20, 3.1.0
External links
http://www.debian.org/security/2016/dsa-3518
http://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-1-SPIP-3-0-22-et-SPIP-2-1.html?lang=fr
http://core.spip.net/projects/spip/repository/revisions/22911
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.