cnvd - cnvd-2024-37605

cnvd-2024-37605

Vulnerability from cnvd

Title: SeaCMS代码执行漏洞（CNVD-2024-37605）

Description:

SeaCMS是海洋CMS（SeaCMS）公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。

SeaCMS 13.0版本存在代码执行漏洞，该漏洞源于admin_editplayer.php对文件的编辑限制可以被绕过，攻击者可利用该漏洞导致任意代码执行。

Severity: 高

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_editplayer.php%20code%20injection.md

Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-42598

Impacted products

Name
SEACMS SeaCMS 13.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-42598",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-42598"
    }
  },
  "description": "SeaCMS\u662f\u6d77\u6d0bCMS\uff08SeaCMS\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f7f\u7528PHP\u7f16\u5199\u7684\u514d\u8d39\u3001\u5f00\u6e90\u7684\u7f51\u7ad9\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u4e3b\u8981\u88ab\u8bbe\u8ba1\u7528\u6765\u7ba1\u7406\u89c6\u9891\u70b9\u64ad\u8d44\u6e90\u3002\n\nSeaCMS 13.0\u7248\u672c\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eadmin_editplayer.php\u5bf9\u6587\u4ef6\u7684\u7f16\u8f91\u9650\u5236\u53ef\u4ee5\u88ab\u7ed5\u8fc7\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u4efb\u610f\u4ee3\u7801\u6267\u884c\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_editplayer.php%20code%20injection.md",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-37605",
  "openTime": "2024-09-06",
  "products": {
    "product": "SEACMS SeaCMS 13.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-42598",
  "serverity": "\u9ad8",
  "submitTime": "2024-08-23",
  "title": "SeaCMS\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2024-37605\uff09"
}

CVE-2024-42598 (GCVE-0-2024-42598)

Vulnerability from cvelistv5

Published

2024-08-20 00:00

Modified

2024-08-22 17:35

Severity ?

6.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

CWE

Summary

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.

References

▼	URL	Tags
	https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_editplayer.php%20code%20injection.md
	https://gitee.com/fushuling/cve/blob/master/CVE-2024-42598.md

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "seacms",
            "vendor": "seacms",
            "versions": [
              {
                "status": "affected",
                "version": "13.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 6.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-42598",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-22T15:11:40.338464Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T15:51:47.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_editplayer.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-22T17:35:14.193524",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_editplayer.php%20code%20injection.md"
        },
        {
          "url": "https://gitee.com/fushuling/cve/blob/master/CVE-2024-42598.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-42598",
    "datePublished": "2024-08-20T00:00:00",
    "dateReserved": "2024-08-05T00:00:00",
    "dateUpdated": "2024-08-22T17:35:14.193524",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted