CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-32630

CRITICAL
9.6
CVSS Severity Score
EPSS Score0.0720%
EPSS Percentile13.01th
Published2021年5月20日
Last Modified2024年11月21日

Vulnerability Description

Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell can be uploaded via the Documents & Files upload feature. Someone with upload permissions could rename the php shell with a .phar extension, visit the file, triggering the payload for a reverse/bind shell. This can be mitigated by excluding a .phar file extension to be uploaded (like you did with .php .phtml .php5 etc). The vulnerability is patched in version 4.0.4.

Affected Platforms (CPE)

📦
Admidio

Admidio

< 4.0.4

References & Advisories

🔗 https://github.com/Admidio/admidio/issues/994
🔗 https://github.com/Admidio/admidio/releases/tag/v4.0.4
🔗 https://github.com/Admidio/admidio/security/advisories/GHSA-xpqj-67r8-25j2
🔗 https://github.com/Admidio/admidio/issues/994
🔗 https://github.com/Admidio/admidio/releases/tag/v4.0.4
🔗 https://github.com/Admidio/admidio/security/advisories/GHSA-xpqj-67r8-25j2

相关漏洞威胁

CVE-2021-438108.8

Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerabilit...

CVE-2020-110047.7

SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without ...

CVE-2017-64927.2

SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is co...

CVE-2018-253705.3

Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by...