#VU63550 Embedded malicious code (backdoor) in School Management Pro


Published: 2022-05-27 | Updated: 2023-07-05

Vulnerability identifier: #VU63550

Vulnerability risk: Critical

CVSSv3.1: 9.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2022-1609

CWE-ID: CWE-506

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
School Management Pro
Web applications / Modules and components for CMS

Vendor: weblizar

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to the presence of embedded malicious functionality (a backdoor) in the application code, which allows a remote attacker to gain unauthorized access to the application.

Note that the vulnerability is being actively exploited in the wild.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

School Management Pro: 6.0 - 9.9.6


External links
http://patchstack.com/database/vulnerability/school-management-pro/wordpress-school-management-pro-premium-plugin-9-9-7-unauthenticated-remote-code-execution-rce-via-rest-api
http://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2
http://github.com/savior-only/CVE-2022-1609


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

