In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that may allow an attacker to deserialize arbitrary PHP classes. In certain contexts, this can result in remote code execution. The attacker's input must be hosted at http://www.geoplugin.net (cleartext HTTP), and thus a successful attack requires spoofing that site or obtaining control of it.
References
Link | Resource |
---|---|
https://github.com/invoiceninja/invoiceninja/issues/5909 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-06T22:28:22
Updated: 2021-06-06T22:28:22
Reserved: 2021-06-06T00:00:00
Link: CVE-2021-33898
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-06T23:15:07.517
Modified: 2021-06-15T18:33:32.387
Link: CVE-2021-33898
JSON object: View
Redhat Information
No data.
CWE