TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2020-15849

HIGH
7.2

Beschreibung

Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A malicious actor with access to an administrative account could abuse this vulnerability to recover sensitive data from the application's database, allowing for authorization bypass and taking over additional accounts by means of modifying password-reset tokens stored in the database. Remote command execution is also possible by leveraging this to abuse the Yii framework's bizRule functionality, allowing for arbitrary PHP code to be executed by the application. Remote command execution is also possible by using this together with a separate insecure file upload vulnerability (CVE-2020-15488).

CVE Details

CVSS v3.1 Bewertung7.2
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht9/30/2020
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

re-desk:re\

Schwachen (CWE)

CWE-89

Referenzen

https://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/(cve@mitre.org)
https://www.re-desk.com/download-help-desk-software.html(cve@mitre.org)
https://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/(af854a3a-2127-422b-91ae-364da2661108)
https://www.re-desk.com/download-help-desk-software.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.