CVE-2024-27923
Remote Code Execution by uploading a phar file using frontmatter
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
Grav is a content management system (CMS). Prior to version 1.7.43, users who may write a page may use the `frontmatter` feature due to insufficient permission validation and inadequate file name validation. This may lead to remote code execution. Version 1.7.43 fixes this issue.
Grav es un sistema de gestión de contenidos (CMS). Antes de la versión 1.7.43, los usuarios que podían escribir una página podían usar la función "frontmatter" debido a una validación de permisos insuficiente y una validación de nombre de archivo inadecuada. Esto puede provocar la ejecución remota de código. La versión 1.7.43 soluciona este problema.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-02-28 CVE Reserved
- 2024-03-06 CVE Published
- 2024-08-02 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
- CWE-434: Unrestricted Upload of File with Dangerous Type
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://github.com/getgrav/grav/commit/e3b0aa0c502aad251c1b79d1ee973dcd93711f07 | X_refsource_misc | |
| https://github.com/getgrav/grav/security/advisories/GHSA-f6g2-h7qv-3m5v | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|