Advertisement






nikic/php-parser - OS Command Injection

CVE Category Price Severity
CVE-2019-11043 CWE-78 $7,500 High
Author Risk Exploitation Type Date
Dawid Golunski High Remote 2023-10-08
CVSS
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023100017

Below is a copy:

nikic/php-parser - OS Command Injection
[*] VULNERABILITY REPORT

General Information:
- Reporter's Name: Gh05t666nero
- Report Date: 06/10/2023
- Testing Methodology: Source Code Review

Vulnerability Overview:
- Vulnerability Name: nikic/php-parser OS Command Injection
- Brief Description: The `execCmd` function in the code allows for the execution of arbitrary shell commands, posing a security risk.
- Vulnerability Location: https://github.com/nikic/PHP-Parser/blob/master/grammar/rebuildParsers.php

Reproduction Steps:
1. Cloning the repository from github https://github.com/nikic/PHP-Parser.
2. Enter the directory /grammar/rebuildParsers.php.
3. Run the following command in the shell to jump straight through the code and test the execCmd function for vulnerability: 
root@vm-apps:/var/www/vtt-admin/vendor/nikic/php-parser/grammar# php -r "include 'rebuildParsers.php'; execCmd('uname -a');"

Impact of the Vulnerability:
- Potential Loss: The potential loss could involve unauthorized access to the system or sensitive information, data destruction, or even the takeover of system control by unauthorized parties.
- Risk Classification: [High] - The high-risk classification is due to the unrestricted ability to execute arbitrary shell commands, which can be exploited for malicious activities such as deleting or altering data, running system commands, and accessing confidential information. The existence of this vulnerability poses a serious impact on the security and integrity of the system.

Technical Details:
- Affected Technology: PHP
- Software Version: 4.17.1 (Latest)

Supporting Evidence:
https://i.ibb.co/hRVqfwr/image.png

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.