Vulnerability identifier: #VU43825
Vulnerability risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-264
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Moodle
Web applications /
Other software
Vendor: moodle.org
Description
The vulnerability allows a remote non-authenticated attacker to manipulate data.
The ip_in_range function in mnet/lib.php in MNET in Moodle 1.9.x before 1.9.15 uses an incorrect data type, which allows remote attackers to bypass intended IP address restrictions via an XMLRPC request.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Moodle: 1.9 - 1.9.14
External links
https://git.moodle.org/gw?p=moodle.git;a=commit;h=3ab2851d2a59721445945d0706c58092e07e861e
https://moodle.org/mod/forum/discuss.php?d=191756
https://www.debian.org/security/2012/dsa-2421
https://bugzilla.redhat.com/show_bug.cgi?id=761248
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.