fkie_cve-2019-1010178
Vulnerability from fkie_nvd
Published
2019-07-24 14:15
Modified
2024-11-21 04:18
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd and https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887beba0065246.
References
josh@bress.nethttps://www.youtube.com/watch?v=vOlw2DP9WbEExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.youtube.com/watch?v=vOlw2DP9WbEExploit, Third Party Advisory
Impacted products
Vendor Product Version
modx fred 1.0.0
modx fred 1.0.0
modx fred 1.0.0
modx fred 1.0.0
modx fred 1.0.0
modx fred 1.0.0
modx fred 1.0.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:-:*:*:*:modx:*:*",
              "matchCriteriaId": "DAF15ABA-0814-49CB-AAF6-FA21D6DD237A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:beta2:*:*:*:modx:*:*",
              "matchCriteriaId": "D9E6E9D0-4ECF-453C-B346-6129D2D9C81B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:beta4:*:*:*:modx:*:*",
              "matchCriteriaId": "5731C761-8366-4159-B5A9-3D903850CD78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:pl:*:*:*:modx:*:*",
              "matchCriteriaId": "0F16E7AB-F4AB-47C9-B35E-856A6D960A4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:rc:*:*:*:modx:*:*",
              "matchCriteriaId": "10C14FFB-B577-408B-92D0-E2236D02092E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:rc1:*:*:*:modx:*:*",
              "matchCriteriaId": "C7122D1C-1482-4165-9C49-7DA35FA8816F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:modx:fred:1.0.0:rc2:*:*:*:modx:*:*",
              "matchCriteriaId": "6863DF85-16D0-4969-ACA3-9F92399E40FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Fred MODX Revolution \u003c 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixed version is: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd and https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887beba0065246."
    },
    {
      "lang": "es",
      "value": "Fred MODX Revolution \u003c1.0.0-beta5 est\u00e1 afectado por: Control de acceso incorrecto - CWE-648. El impacto es: Ejecuci\u00f3n remota de c\u00f3digo. El componente es: asset / components / fred / web / elfinder / connector.php. El vector de ataque es: cargar un archivo PHP o cambiar datos en la base de datos. La versi\u00f3n arreglada  es: https://github.com/modxcms/fred/commit/139cefac83b2ead90da23187d92739dec79d3ccd y https://github.com/modxcms/fred/commit/01f0a3d1ae7f3970639c2a0db1887"
    }
  ],
  "id": "CVE-2019-1010178",
  "lastModified": "2024-11-21T04:18:01.530",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-07-24T14:15:10.877",
  "references": [
    {
      "source": "josh@bress.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.youtube.com/watch?v=vOlw2DP9WbE"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.youtube.com/watch?v=vOlw2DP9WbE"
    }
  ],
  "sourceIdentifier": "josh@bress.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-648"
        }
      ],
      "source": "josh@bress.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.