CVE-2023-4634

WordPress uchun Media Library Assistant plagini 3.09.09.00gacha boʻlgan versiyalarda mahalliy fayllarni qoʻshish va masofaviy kodni bajarishga nisbatan zaifdir. Bu ~/includes/mla-stream-image.php faylidan 'mla_stream_file' parametriga ta'minlangan fayl yo'llarini boshqarishning etarli emasligi bilan bog'liq, bu erda tasvirlar Imagick() orqali qayta ishlanadi. Bu autentifikatsiya qilinmagan tajovuzkorlarga FTP orqali fayllarni etkazib berish imkonini beradi, bu kataloglar ro'yxatini, mahalliy fayllarni kiritish va masofaviy kodni amalga oshirish imkonini beradi.

CVSS Vector

Manbalar

• https://github.com/Patrowl/CVE-2023-4634/
• https://packetstormsecurity.com/files/174508/wpmla309-lfiexec.tgz
• https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/
• https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2955933%40media-library-assistant&new=2955933%40media-library-assistant&sfp_email=&sfph_mail=#file4
• https://www.wordfence.com/threat-intel/vulnerabilities/id/05c68377-feb6-442d-a3a0-1fbc246c7cbf?source=cve