cnvd - cnvd-2024-44823

cnvd-2024-44823

Vulnerability from cnvd

Title: SeaCMS代码执行漏洞

Description:

SeaCMS是海洋CMS（SeaCMS）公司的一套使用PHP编写的免费、开源的网站内容管理系统。该系统主要被设计用来管理视频点播资源。

SeaCMS 13.0版本存在代码执行漏洞，该漏洞源于对编辑文件限制不当，攻击者可利用该漏洞仍然可以绕过这些限制写入代码，从而执行任意命令，获取系统权限。

Severity: 高

Formal description:

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_files.php%20code%20injection.md

Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-42599

Impacted products

Name
SEACMS SeaCMS v13.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-42599",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-42599"
    }
  },
  "description": "SeaCMS\u662f\u6d77\u6d0bCMS\uff08SeaCMS\uff09\u516c\u53f8\u7684\u4e00\u5957\u4f7f\u7528PHP\u7f16\u5199\u7684\u514d\u8d39\u3001\u5f00\u6e90\u7684\u7f51\u7ad9\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\u8be5\u7cfb\u7edf\u4e3b\u8981\u88ab\u8bbe\u8ba1\u7528\u6765\u7ba1\u7406\u89c6\u9891\u70b9\u64ad\u8d44\u6e90\u3002\n\nSeaCMS 13.0\u7248\u672c\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u7f16\u8f91\u6587\u4ef6\u9650\u5236\u4e0d\u5f53\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ecd\u7136\u53ef\u4ee5\u7ed5\u8fc7\u8fd9\u4e9b\u9650\u5236\u5199\u5165\u4ee3\u7801\uff0c\u4ece\u800c\u6267\u884c\u4efb\u610f\u547d\u4ee4\uff0c\u83b7\u53d6\u7cfb\u7edf\u6743\u9650\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_files.php%20code%20injection.md",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-44823",
  "openTime": "2024-11-14",
  "products": {
    "product": "SEACMS SeaCMS v13.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-42599",
  "serverity": "\u9ad8",
  "submitTime": "2024-08-29",
  "title": "SeaCMS\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2024-42599 (GCVE-0-2024-42599)

Vulnerability from cvelistv5

Published

2024-08-22 00:00

Modified

2024-08-26 16:44

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Summary

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges.

References

▼	URL	Tags
	https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_files.php%20code%20injection.md
	https://gitee.com/fushuling/cve/blob/master/CVE-2024-42599.md

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:seacms:seacms:13.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "seacms",
            "vendor": "seacms",
            "versions": [
              {
                "status": "affected",
                "version": "13.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-42599",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-26T16:41:55.311827Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-26T16:44:00.496Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restrictions and write code, allowing authenticated attackers to exploit the vulnerability to execute arbitrary commands and gain system privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-22T19:08:39.932502",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://gitee.com/fushuling/cve/blob/master/SeaCMS%20V13%20admin_files.php%20code%20injection.md"
        },
        {
          "url": "https://gitee.com/fushuling/cve/blob/master/CVE-2024-42599.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-42599",
    "datePublished": "2024-08-22T00:00:00",
    "dateReserved": "2024-08-05T00:00:00",
    "dateUpdated": "2024-08-26T16:44:00.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted