CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-21523

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile20.41th
Published2020年9月30日
Last Modified2024年11月21日

Vulnerability Description

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}

Affected Platforms (CPE)

📦
Halo

Halo

= 1.1.3

References & Advisories

🔗 https://github.com/halo-dev/halo/issues/419
🔗 https://github.com/halo-dev/halo/issues/419

相關漏洞威脅

CVE-2020-215269.8

An Arbitrary file writing vulnerability in halo v1.1.3. In an interface to write files in the background, a directory traversal ch...

CVE-2020-215229.8

An issue was discovered in halo V1.1.3. A Zip Slip Directory Traversal Vulnerability in the backend,the attacker can overwrite som...

CVE-2019-153119.8

An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Hal...

CVE-2020-189809.8

Remote Code Executon vulnerability in Halo 0.4.3 via the remoteAddr and themeName parameters.