CyberSec.Space Logo
Back to CVE Browser

CVE-2019-14771

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1520%
EPSS Percentile14.79th
PublishedAug 8, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the upload of entire-site configuration archives through the user interface or command line. It does not sufficiently check uploaded archives for invalid data, potentially allowing non-configuration scripts to be uploaded to the server. (This attack is mitigated by the attacker needing the "Synchronize, import, and export configuration" permission, a permission that only trusted administrators should be given. Other preventative measures in Backdrop CMS prevent the execution of PHP scripts, so another server-side scripting language must be accessible on the server to execute code.) Note: This has been disputed by multiple 3rd parties due to advanced permissions that are needed to exploit.

Affected Platforms (CPE)

📦
Backdropcms

Backdrop Cms

>= 1.12.0 and < 1.12.8
📦
Backdropcms

Backdrop Cms

>= 1.13.0 and < 1.13.3

References & Advisories

🔗 https://backdropcms.org/security/backdrop-sa-core-2019-012
🔗 https://backdropcms.org/security/backdrop-sa-core-2019-012

Related Vulnerabilities

CVE-2021-452688.8

A Cross Site Request Forgery (CSRF) vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code E...

CVE-2019-199027.2

An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It allows the upload of entire-site configu...

CVE-2019-147706.1

In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some menu links within the administration bar may be crafted to exe...

CVE-2019-147696.1

Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't sufficiently filter output when displaying certain block labels...