#VU77508 Incomplete List of Disallowed Inputs in Grav CMS - CVE-2023-34252

Cybersecurity Help s.r.o.

Published: 2023-06-19

Vulnerability identifier: #VU77508

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-34252

CWE-ID: CWE-184

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Grav CMS
Web applications / CMS

Vendor: Grav CMS

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to Server-side Template Injection (SSTI) issue in filterFilter. A remote administrator can execute arbitrary code on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Grav CMS: 1.7.0 - 1.7.40

External links
https://github.com/getgrav/grav/blob/1.7.40/system/src/Grav/Common/Twig/Extension/GravExtension.php#L1692-L1698
https://github.com/getgrav/grav/security/advisories/GHSA-96xv-rmwj-6p9w
https://github.com/getgrav/grav/blob/1.7.40/system/src/Grav/Common/Utils.php#L1956-L2074
https://github.com/getgrav/grav/commit/244758d4383034fe4cd292d41e477177870b65ec

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Grav CMS