Vulnerability Description
An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have local filesystem access.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ispconfig | Ispconfig | < 3.1.13 |
Related Weaknesses (CWE)
References
- https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bugExploitThird Party Advisory
- https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-ExploitThird Party Advisory
- https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfVendor Advisory
- https://0x09al.github.io/security/ispconfig/exploit/vulnerability/2018/08/20/bugExploitThird Party Advisory
- https://github.com/0x09AL/0x09al.github.io/blob/master/_posts/2018-08-20-bug-or-ExploitThird Party Advisory
- https://www.ispconfig.org/blog/ispconfig-3-1-13-released-important-security-bugfVendor Advisory
FAQ
What is CVE-2018-17984?
CVE-2018-17984 is a vulnerability with a CVSS score of 7.8 (HIGH). An unanchored /[a-z]{2}/ regular expression in ISPConfig before 3.1.13 makes it possible to include arbitrary files, leading to code execution. This is exploitable by authenticated users who have loca...
How severe is CVE-2018-17984?
CVE-2018-17984 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-17984?
Check the references section above for vendor advisories and patch information. Affected products include: Ispconfig Ispconfig.