
CVE-2019-5434

CVSS Severity Score: 9.8 (CRITICAL)
EPSS Score: 0.0330%
EPSS Percentile: 0.46th
Published: May 6, 2019
Last Modified: November 21, 2024

Vulnerability Description

An attacker could send a specially crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. This vulnerability could be used to perform various types of attacks, e.g. to exploit serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers to gain access to some Revive Adserver instances and deliver malware through them to third-party websites. This vulnerability was addressed in version 4.2.0.

Affected Platforms (CPE)

Revive Sas

Revive Adserver

< 4.2.0

References & Advisories
