CVE-2024-28116
Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection (SSTI), which allows any authenticated user (editor permissions are sufficient) to execute arbitrary code on the remote server bypassing the existing security sandbox. Version 1.7.45 contains a patch for this issue.
Grav es un sistema de gestión de contenidos de archivos planos de código abierto. Grav CMS anterior a la versión 1.7.45 es vulnerable a una inyección de plantilla del lado del servidor (SSTI), que permite a cualquier usuario autenticado (los permisos del editor son suficientes) ejecutar código arbitrario en el servidor remoto sin pasar por el entorno limitado de seguridad existente. La versión 1.7.45 contiene un parche para este problema.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-03-04 CVE Reserved
- 2024-03-21 CVE Published
- 2024-03-22 EPSS Updated
- 2024-03-24 First Exploit
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
- CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://github.com/getgrav/grav/commit/4149c81339274130742831422de2685f298f3a6e | X_refsource_misc | |
| https://github.com/getgrav/grav/security/advisories/GHSA-c9gp-64c4-2rrh | X_refsource_confirm |
| URL | Date | SRC |
|---|---|---|
| https://github.com/geniuszlyy/GenGravSSTIExploit | 2024-10-07 | |
| https://github.com/akabe1/Graver | 2024-03-24 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|