CyberSec.Space Logo
Back to CVE Browser

CVE-2020-21523

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile20.41th
PublishedSep 30, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}

Affected Platforms (CPE)

📦
Halo

Halo

= 1.1.3

References & Advisories

🔗 https://github.com/halo-dev/halo/issues/419
🔗 https://github.com/halo-dev/halo/issues/419

Related Vulnerabilities

CVE-2020-215269.8

An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal ch...

CVE-2020-215229.8

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite som...

CVE-2019-153119.8

An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Hal...

CVE-2020-189809.8

Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters.