Vulnerability Details : CVE-2014-8684
Public exploit exists!
CodeIgniter before 3.0 and Kohana 3.2.3 and earlier and 3.3.x through 3.3.2 make it easier for remote attackers to spoof session cookies and consequently conduct PHP object injection attacks by leveraging use of standard string comparison operators to compare cryptographic hashes.
Products affected by CVE-2014-8684
- cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*
- cpe:2.3:a:kohanaframework:kohana:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:kohanaframework:kohana:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:kohanaframework:kohana:3.2.3:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-8684
0.25%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 62 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-8684
-
Seagate Business NAS Unauthenticated Remote Command Execution
Disclosure Date: 2015-03-01First seen: 2020-04-26exploit/linux/http/seagate_nas_php_exec_noauthSome Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the
CVSS scores for CVE-2014-8684
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2014-8684
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-8684
-
https://scott.arciszewski.me/research/full/php-framework-timing-attacks-object-injection
Third Party Advisory
-
http://packetstormsecurity.com/files/130609/Seagate-Business-NAS-Unauthenticated-Remote-Command-Execution.html
Seagate Business NAS Unauthenticated Remote Command Execution ≈ Packet StormThird Party Advisory;VDB Entry
-
http://seclists.org/fulldisclosure/2014/May/54
Full Disclosure: CodeIgniter <= 2.1.4 and Kohana <= 3.2.3, 3.3.2 - Timing Attacks and Object InjectionMailing List;Third Party Advisory
-
https://github.com/kohana/core/pull/492
3.3/develop by sarciszewski · Pull Request #492 · kohana/core · GitHubThird Party Advisory
Jump to