CVE-2021-47812 — CRITICAL (9.8)

Vulnerability Description

GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Getgrav	Grav	1.10.7

Related Weaknesses (CWE)

CWE-862

References

https://getgrav.orgProduct
https://www.exploit-db.com/exploits/49973Exploit
https://www.vulncheck.com/advisories/gravcms-arbitrary-yaml-writeupdate-unauthenThird Party Advisory
https://www.exploit-db.com/exploits/49973Exploit

FAQ

What is CVE-2021-47812?

CVE-2021-47812 is a vulnerability with a CVSS score of 9.8 (CRITICAL). GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit t...

How severe is CVE-2021-47812?

CVE-2021-47812 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-47812?

Check the references section above for vendor advisories and patch information. Affected products include: Getgrav Grav.