CVE-2023-33177
Xibo CMS vulnerable to Remote Code Execution through Zip Slip
Severity Score: 8.8 (CVSS v3.1)
Exploit Likelihood (EPSS): not recorded on this page
Affected Versions (CPE): see "Affected Vendors, Products, and Versions" below
Public Exploits: 0 (multiple sources)
Exploited in Wild (KEV): -
Decision (SSVC): -
Descriptions
Xibo is a content management system (CMS). A path traversal vulnerability exists in the Xibo CMS whereby a specially crafted zip file can be uploaded to the CMS via the layout import function by an authenticated user, which allows creation of files outside of the CMS library directory as the webserver user. This can be used to drop a PHP webshell inside the web root directory and achieve remote code execution as the webserver user. Note that the attacker needs an account that is permitted to import layouts, so the exposure is driven by who holds such accounts, not by unauthenticated access. Users should upgrade to version 2.3.17 or 3.3.5, which fix this issue. Customers who host their CMS with Xibo Signage have already received an upgrade or patch to resolve this issue regardless of the CMS version that they are running.
Credits: N/A
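The Zip Slip pattern behind this CVE, as an added example that is not Xibo's code and makes no claim about how the layout importer is actually written: a Python script builds a constructed archive with a benign `layout.json` and an entry named `../web/shell.php` (placeholder body, no real payload), then extracts it once with the naive join-and-write pattern and once with a containment check that resolves each target with `realpath` and requires it to stay under the extraction directory. The directory names (`cms/library`, `web`) and the temp-directory layout are assumptions for the demo. Note that Python's own `ZipFile.extractall` already strips `..` components, which is why the vulnerable variant opens files by hand; the lesson carries over to any extractor that trusts entry names.

```python
"""Zip Slip demo: archive-supplied '..' vs. a containment check before writing."""
import io
import os
import tempfile
import zipfile

# Constructed sample entries (not taken from the Xibo advisory): one normal
# layout file and one entry whose name walks out of the extraction directory.
SAMPLE_ENTRIES = {
    "layout.json": b'{"name": "demo layout"}',
    "../web/shell.php": b"<?php /* placeholder body, constructed for the demo */ ?>",
}


def build_archive(entries=SAMPLE_ENTRIES) -> bytes:
    """Write the entries into an in-memory zip; entry names are stored verbatim."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def extract_unsafe(zip_bytes: bytes, dest: str) -> list:
    """Vulnerable pattern: the archive-supplied name is joined onto dest and
    written wherever it points. Returns the real paths that were created."""
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)  # '..' is never inspected
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def is_within(root: str, path: str) -> bool:
    """True if path, after resolving '..' and symlinks, is root or lies under it."""
    root = os.path.realpath(root)
    path = os.path.realpath(path)
    return os.path.commonpath([root, path]) == root


def extract_safe(zip_bytes: bytes, dest: str) -> list:
    """Hardened pattern: validate every entry first, then write. One bad entry
    rejects the whole archive, so nothing is left half-imported."""
    dest = os.path.realpath(dest)
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        targets = []
        for info in zf.infolist():
            target = os.path.join(dest, info.filename)
            if os.path.isabs(info.filename) or not is_within(dest, target):
                raise ValueError(info.filename)
            targets.append((info, os.path.realpath(target)))
        written = []
        for info, target in targets:
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(target)
    return written


def run_demo() -> dict:
    """Run both extractors against fresh scratch trees and report the outcome
    as paths relative to the scratch root (forward slashes for portability)."""
    base = os.path.realpath(tempfile.mkdtemp(prefix="zipslip-"))

    def rel(p: str) -> str:
        return os.path.relpath(p, base).replace(os.sep, "/")

    archive = build_archive()

    unsafe_dest = os.path.join(base, "cms", "library")
    os.makedirs(unsafe_dest)
    unsafe_written = [rel(p) for p in extract_unsafe(archive, unsafe_dest)]

    safe_dest = os.path.join(base, "cms_fixed", "library")
    os.makedirs(safe_dest)
    rejected, safe_written = None, []
    try:
        safe_written = [rel(p) for p in extract_safe(archive, safe_dest)]
    except ValueError as exc:
        rejected = str(exc)

    return {
        "unsafe_written": unsafe_written,
        "unsafe_escaped": [p for p in unsafe_written if not p.startswith("cms/library/")],
        "safe_written": safe_written,
        "safe_rejected_entry": rejected,
        "safe_tree_untouched": os.listdir(safe_dest) == [],
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Two design points matter more than the check itself: compare real paths (so a symlink inside the library directory cannot redirect a write), and validate the whole archive before writing anything, otherwise an importer that fails midway leaves the benign half of a malicious upload in place.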
Timeline
- 2023-05-17 CVE Reserved
- 2023-05-30 CVE Published
- 2024-08-02 CVE Updated
- 2024-09-03 EPSS Updated
- Exploited in Wild: not recorded
- KEV Due Date: not recorded
- First Exploit: not recorded
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
References
- https://claroty.com/team82/disclosure-dashboard (Third Party Advisory)
- https://xibosignage.com/blog/security-advisory-2023-05 (2023-06-06)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Status
---|---|---|---
Xibosignage | Xibo | >= 1.8.0 < 2.3.17 | Affected
Xibosignage | Xibo | >= 3.0.0 < 3.3.5 | Affected