Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
References
| Link | Resource |
|---|---|
| https://blog.ripstech.com/2018/phpbb3-phar-deserialization-to-remote-code-execution/ | Exploit, Third Party Advisory |
| https://lists.debian.org/debian-lts-announce/2018/11/msg00029.html | Mailing List, Third Party Advisory |
| https://www.phpbb.com/community/viewtopic.php?f=14&t=2492206 | Patch, Vendor Advisory |
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-11-17T13:00:00
Updated: 2018-11-25T10:57:01
Reserved: 2018-11-14T00:00:00
Link: CVE-2018-19274
NVD Information
Status: Analyzed
Published: 2018-11-17T13:29:00.240
Modified: 2022-12-02T19:21:32.637
Link: CVE-2018-19274