CVE-2018-19274
Severity Score
7.2
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.
El paso de una ruta absoluta a una comprobación file_exists en phpBB en versiones anteriores a la 3.2.4 permite la ejecución remota de código mediante una inyección de objetos al emplear la deserialización Phar cuando un atacante tiene acceso al panel de control de administrador con permisos de fundador.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-11-14 CVE Reserved
- 2018-11-17 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-09-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-502: Deserialization of Untrusted Data
- CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/11/msg00029.html | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://blog.ripstech.com/2018/phpbb3-phar-deserialization-to-remote-code-execution | 2024-08-05 |
| URL | Date | SRC |
|---|---|---|
| https://www.phpbb.com/community/viewtopic.php?f=14&t=2492206 | 2022-12-02 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Phpbb Search vendor "Phpbb" | Phpbb Search vendor "Phpbb" for product "Phpbb" | < 3.2.4 Search vendor "Phpbb" for product "Phpbb" and version " < 3.2.4" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||