Vulnerability Details : CVE-2016-8869
Public exploit exists!
The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.
Products affected by CVE-2016-8869
- cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8869
93.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2016-8869
-
Joomla Account Creation and Privilege Escalation
Disclosure Date: 2016-10-25First seen: 2020-04-26auxiliary/admin/http/joomla_registration_privescThis module creates an arbitrary account with administrative privileges in Joomla versions 3.4.4 through 3.6.3. If an email server is configured in Joomla, an email will be sent to activate the account (the account is disabled by default). Authors: - Fabio Pires <fp@i
CVSS scores for CVE-2016-8869
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-8869
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-8869
-
https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vulnerability-in-joomla.html
Details on the Privilege Escalation Vulnerability in JoomlaExploit;Technical Description;Third Party Advisory
-
https://developer.joomla.org/security-centre/660-20161002-core-elevated-privileges.html
[20161002] - Core - Elevated PrivilegesVendor Advisory
-
https://medium.com/%40showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r
Joomla (< 3.6.4) Account Creation/Elevated Privileges write-up and exploit | by Melvin Lammerts | Medium
-
https://www.exploit-db.com/exploits/40637/
Joomla! 3.4.4 < 3.6.4 - Account Creation / Privilege EscalationExploit;Third Party Advisory
-
http://www.securitytracker.com/id/1037108
Joomla! Input Validation Flaw Lets Remote Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
https://medium.com/@showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r
Joomla (< 3.6.4) Account Creation/Elevated Privileges write-up and exploitExploit;Technical Description;Third Party Advisory
-
http://www.securityfocus.com/bid/93883
Joomla! Core CVE-2016-8869 Remote Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
https://github.com/joomla/joomla-cms/commit/bae1d43938c878480cfd73671e4945211538fdcf
Prepare 3.6.4 Stable Release · joomla/joomla-cms@bae1d43 · GitHubPatch
-
http://www.rapid7.com/db/modules/auxiliary/admin/http/joomla_registration_privesc
Joomla Account Creation and Privilege EscalationThird Party Advisory
Jump to