Vulnerability Details: CVE-2012-5223
Public exploit exists!
The proc_deutf function in includes/functions_vbseocp_abstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the char_repl parameter, which is inserted into a regular expression that is processed by the preg_replace function with the eval switch.
Exploit prediction scoring system (EPSS) score for CVE-2012-5223
- EPSS score: 92.37% (probability of exploitation activity in the next 30 days)
- Percentile: ~99% (the proportion of vulnerabilities that are scored at or less)
Metasploit modules for CVE-2012-5223
- vBSEO proc_deutf() Remote PHP Code Injection
  Disclosure Date: 2012-01-23
  First seen: 2020-04-26
  exploit/multi/http/vbseo_proc_deutf
  This module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php for vBSEO versions 3.6.0 and earlier. User input passed through 'char_repl' POST parameter isn't properly sanitized before being used in a call to
CVSS scores for CVE-2012-5223
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
CWE ids for CVE-2012-5223
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5223
- http://www.securityfocus.com/bid/51647
  vBSEO 'proc_deutf()' Remote Code Execution Vulnerability
- http://www.exploit-db.com/exploits/18424
  vBSEO 3.6.0 - 'proc_deutf()' Remote PHP Code Injection (Metasploit) - PHP webapps Exploit
  Tags: Exploit
- http://www.vbseo.com/f5/vbseo-security-bulletin-all-supported-versions-patch-release-52783/
  404 Not Found
  Tags: Exploit; Patch; Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72689
  vBSEO proc_deutf() function code execution CVE-2012-5223 Vulnerability Report
Products affected by CVE-2012-5223
- cpe:2.3:a:crawlability:vbseo:*:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.3.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:rc6:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.2.0:rc8:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.2.0:rc7:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.6.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.6.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.2.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.2.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.5.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:rc5:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:3.0.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:crawlability:vbseo:2.1.0:*:*:*:*:*:*:*