Vulnerability Description
Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. After upload it, the PHP file will be placed at "themes/simpletheme/{rce}.php" from where can be accessed in order to execute commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Exponentcms | Exponent Cms | 2.6.0 |
Related Weaknesses (CWE)
References
- https://exponentcms.lighthouseapp.com/projects/61783/tickets/1460ExploitIssue TrackingVendor Advisory
- https://fluidattacks.com/advisories/dylan/ExploitIssue TrackingThird Party Advisory
- https://github.com/exponentcms/exponent-cms/issues/1546ExploitIssue TrackingThird Party Advisory
- https://exponentcms.lighthouseapp.com/projects/61783/tickets/1460ExploitIssue TrackingVendor Advisory
- https://fluidattacks.com/advisories/dylan/ExploitIssue TrackingThird Party Advisory
- https://github.com/exponentcms/exponent-cms/issues/1546ExploitIssue TrackingThird Party Advisory
FAQ
What is CVE-2022-23048?
CVE-2022-23048 is a vulnerability with a CVSS score of 7.2 (HIGH). Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. After upload it, the PHP file will be placed at "them...
How severe is CVE-2022-23048?
CVE-2022-23048 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-23048?
Check the references section above for vendor advisories and patch information. Affected products include: Exponentcms Exponent Cms.