← Back to CVEs
CVE-2024-30162
HIGH7.2
Description
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules/admin/editor/toolbar.php IPS\core\modules\admin\editor\_toolbar::addPlugin() method. This method handles uploaded ZIP files that are extracted into the applications/core/interface/ckeditor/ckeditor/plugins/ directory without properly verifying their content. This can be exploited by admin users (with the toolbar_manage permission) to write arbitrary PHP files into that directory, leading to execution of arbitrary PHP code in the context of the web server user.
CVE Details
CVSS v3.1 Score7.2
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredHIGH
User InteractionNONE
Published6/7/2024
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-345
References
http://seclists.org/fulldisclosure/2024/Apr/21(cve@mitre.org)
https://invisioncommunity.com(cve@mitre.org)
http://seclists.org/fulldisclosure/2024/Apr/21(af854a3a-2127-422b-91ae-364da2661108)
https://invisioncommunity.com(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.