Vulnerability Description
Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A PHP web shell can be uploaded via the Documents & Files upload feature: a user with upload permissions renames the PHP shell with a .phar extension, uploads it, and then visits the file, which executes the payload (for example a reverse or bind shell). This can be mitigated by refusing uploads with a .phar extension, as the application already does for .php, .phtml, .php5 and similar extensions. The vulnerability is patched in version 4.0.4.
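The root cause described above is an extension denylist that omits .phar, which PHP treats as an executable archive. The following is an added example, not Admidio's own code, showing why a denylist that only lists .php, .phtml and .php5 accepts a .phar upload, how a corrected denylist refuses it, and why an allowlist of document types is the stronger control. The extension sets and file names are constructed for this example and are not the project's configuration.

```python
import os

# Constructed for this example: a denylist like the one the advisory describes
# (blocks .php/.phtml/.php5 but forgets .phar) next to a corrected one.
WEAK_DENYLIST = {"php", "phtml", "php5"}
FIXED_DENYLIST = WEAK_DENYLIST | {"phar", "php3", "php4", "php7", "phps", "pht", "phpt"}

# Constructed allowlist for a documents-and-files feature: anything not listed is refused.
DOCUMENT_ALLOWLIST = {"pdf", "txt", "png", "jpg", "jpeg", "gif", "docx", "odt", "zip"}


def extensions_of(filename: str) -> list[str]:
    """Return every extension segment of a name, lower-cased.

    'Report.PHAR.txt' -> ['phar', 'txt']. Directory parts and trailing dots or
    spaces are dropped first so that 'uploads/shell.phar.' is seen as 'shell.phar'.
    """
    base = os.path.basename(filename.replace("\\", "/")).rstrip(". ")
    parts = base.split(".")
    return [p.lower() for p in parts[1:] if p]


def allowed_by_denylist(filename: str, denylist: set[str]) -> bool:
    """Denylist check: refuse if ANY extension segment is listed.

    Looking at every segment (not only the last) also refuses 'shell.phar.txt',
    which matters on servers that pick a handler by an inner extension.
    """
    return not any(ext in denylist for ext in extensions_of(filename))


def allowed_by_allowlist(filename: str, allowlist: set[str]) -> bool:
    """Allowlist check: the final extension must be a permitted document type,
    and no earlier segment may be a known executable extension."""
    exts = extensions_of(filename)
    if not exts or exts[-1] not in allowlist:
        return False
    return not any(ext in FIXED_DENYLIST for ext in exts[:-1])


def audit(filename: str) -> dict[str, bool]:
    """Run one name through the three policies; handy for comparing them."""
    return {
        "weak_denylist": allowed_by_denylist(filename, WEAK_DENYLIST),
        "fixed_denylist": allowed_by_denylist(filename, FIXED_DENYLIST),
        "allowlist": allowed_by_allowlist(filename, DOCUMENT_ALLOWLIST),
    }


if __name__ == "__main__":
    # Constructed sample names: a legitimate document and the renamed shell variants.
    for name in ["minutes.pdf", "shell.php", "shell.phar", "Shell.PHAR", "shell.phar.txt"]:
        print(f"{name:16} {audit(name)}")
```

The weak denylist accepts `shell.phar` while refusing `shell.php`, which is exactly the gap the advisory reports; the corrected denylist and the allowlist both refuse it, case and trailing-dot variants included. Extension checks alone do not stop a web server from executing a file it has been configured to run, so the upload directory should also be served without script execution.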
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Admidio | Admidio | < 4.0.4 |
Related Weaknesses (CWE)
References
- https://github.com/Admidio/admidio/issues/994 (Third Party Advisory)
- https://github.com/Admidio/admidio/releases/tag/v4.0.4 (Release Notes, Third Party Advisory)
- https://github.com/Admidio/admidio/security/advisories/GHSA-xpqj-67r8-25j2 (Exploit, Third Party Advisory)
FAQ
What is CVE-2021-32630?
CVE-2021-32630 is a vulnerability with a CVSS score of 9.6 (CRITICAL). Admidio is a free, open source user management system for websites of organizations and groups. In Admidio before version 4.0.4, there is an authenticated RCE via .phar file upload. A php web shell ca...
How severe is CVE-2021-32630?
CVE-2021-32630 has been rated CRITICAL with a CVSS base score of 9.6/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-32630?
Yes. The vulnerability is fixed in Admidio 4.0.4; see the references section above for the release notes and the vendor security advisory. Affected product: Admidio (Admidio), versions before 4.0.4.