// For flags

CVE-2017-16894

PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.

En el framework Laravel hasta la versión 5.5.21, los atacantes remotos pueden obtener información sensible (como contraseñas de uso externo) mediante una petición directa para la URI /.env. NOTA: este CVE solo trata de la función writeNewEnvironmentFileWith del framework Laravel en src/Illuminate/Foundation/Console/KeyGenerateCommand.php que utiliza file_put_contents sin restringir los permisos .env. El nombre de archivo .env no es de uso exclusivo del framework Laravel.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-11-19 CVE Reserved
  • 2017-11-20 CVE Published
  • 2019-07-16 First Exploit
  • 2024-08-05 CVE Updated
  • 2024-10-23 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Laravel
Search vendor "Laravel"
Laravel
Search vendor "Laravel" for product "Laravel"
<= 5.5.21
Search vendor "Laravel" for product "Laravel" and version " <= 5.5.21"
-
Affected