CVE-2022-24800

 

Published at: - 12-07-2022 10:15

Last modified: - 20-07-2022 01:40

Total changes: - 3

Description

October/System is the system module for October CMS, a self-hosted CMS platform based on the Laravel PHP Framework. Prior to versions 1.0.476, 1.1.12, and 2.2.15, when the developer allows the user to specify their own filename in the `fromData` method, an unauthenticated user can perform remote code execution (RCE) by exploiting a race condition in the temporary storage directory. This vulnerability affects plugins that expose the `October\Rain\Database\Attach\File::fromData` as a public interface and does not affect vanilla installations of October CMS since this method is not exposed or used by the system internally or externally. The issue has been patched in Build 476 (v1.0.476), v1.1.12, and v2.2.15. Those who are unable to upgrade may apply with patch to their installation manually as a workaround.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

 

Verification logic

 

Reference

• https://github.com/octobercms/october/security/advisories/GHSA-8v7h-cpc2-r8jp
• https://github.com/octobercms/library/commit/fe569f3babf3f593be2b1e0a4ae0283506127a83

 

Keywords

NVD

 

CVE-2022-24800

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures