CVE-2018-19907

Published: Dec 6, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page.

Affected (1)

Products: Craftercms: Crafter Cms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Craftercms Crafter Cms	Up to 3.0.18

Related CWEs

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (4)

https://github.com/craftercms/craftercms/issues/2677

Source: cve@mitre.org

ExploitThird Party Advisory

https://medium.com/%40buxuqua/rce-vulnerability-in-crafter-cms-server-side-template-injection-19d8708ce242

Source: cve@mitre.org

https://github.com/craftercms/craftercms/issues/2677

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://medium.com/%40buxuqua/rce-vulnerability-in-crafter-cms-server-side-template-injection-19d8708ce242

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.