CVE-2022-24780

Published: Apr 5, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, users of the iTop user portal can send TWIG code to the server by forging specific http queries, and execute arbitrary code on the server using http server user privileges. This issue is fixed in versions 2.7.6 and 3.0.0. There are currently no known workarounds.

Affected (12)

Products: Combodo: Itop

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Combodo Itop	Before 2.7.6
Combodo Itop	Version 3.0.0 alpha
Combodo Itop	Version 3.0.0 beta1
Combodo Itop	Version 3.0.0 beta2
Combodo Itop	Version 3.0.0 beta3
Combodo Itop	Version 3.0.0 beta4
Combodo Itop	Version 3.0.0 beta5
Combodo Itop	Version 3.0.0 beta6
Combodo Itop	Version 3.0.0 beta7
Combodo Itop	Version 3.0.0 beta8
Combodo Itop	Version 3.0.0 beta
Combodo Itop	Version 3.0.0 rc

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (12)

http://packetstormsecurity.com/files/167236/iTop-Remote-Command-Execution.html

Source: security-advisories@github.com

ExploitThird Party AdvisoryVDB Entry

https://github.com/Combodo/iTop/commit/93f273a28778e5da8e51096f021d2dc1adbf4ef3

Source: security-advisories@github.com

PatchThird Party Advisory

https://github.com/Combodo/iTop/commit/b6fac4b411b8d145fc30fa35c66b51243eafd06b

Source: security-advisories@github.com

PatchThird Party Advisory

https://github.com/Combodo/iTop/commit/eb2a615bd28100442c7f6171707bb40884af2305

Source: security-advisories@github.com

PatchThird Party Advisory

https://github.com/Combodo/iTop/security/advisories/GHSA-v97m-wgxq-rh54

Source: security-advisories@github.com

Third Party Advisory

https://markus-krell.de/itop-template-injection-inside-customer-portal/

Source: security-advisories@github.com

ExploitThird Party Advisory

http://packetstormsecurity.com/files/167236/iTop-Remote-Command-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

https://github.com/Combodo/iTop/commit/93f273a28778e5da8e51096f021d2dc1adbf4ef3

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/Combodo/iTop/commit/b6fac4b411b8d145fc30fa35c66b51243eafd06b

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/Combodo/iTop/commit/eb2a615bd28100442c7f6171707bb40884af2305

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/Combodo/iTop/security/advisories/GHSA-v97m-wgxq-rh54

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://markus-krell.de/itop-template-injection-inside-customer-portal/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.