CVE-2014-2988

EGroupware 1.8.006 Cross Site Request Forgery / Code Injection

Severity Score (CVSS v2): 8.5
Exploit Likelihood (EPSS): -
Affected Versions (CPE): -
Public Exploits (Multiple Sources): 1
Exploited in Wild (KEV): -
Decision (SSVC): -

Descriptions

EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbitrary PHP code via crafted callback values to the call_user_func PHP function, as demonstrated using the newsettings[system] parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-2987.

EGroupware version 1.8.006 suffers from code execution and cross site request forgery vulnerabilities.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Medium
  • Authentication: Single
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2014-04-24 CVE Reserved
  • 2014-05-16 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-10-25 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor       Product      Version      Other       Status
Egroupware   Egroupware   <= 1.6.001   -           Affected
Egroupware   Egroupware   <= 1.8006    community   Affected