CVE-2018-18753 : Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF.

Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF.

Published 2018-10-29 12:29:10

Updated 2019-01-28 13:22:42

Source MITRE

View at NVD, CVE.org

Vulnerability category: Server-side request forgery (SSRF)

Exploit prediction scoring system (EPSS) score for CVE-2018-18753

Probability of exploitation activity in the next 30 days: 0.40%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Assigned by: nvd@nist.gov (Primary)

https://github.com/wuzhicms/wuzhicms/issues/157

Typecho(1.1) has Server-Side Request Forgery(SSRF) · Issue #157 · wuzhicms/wuzhicms · GitHub
Exploit;Third Party Advisory

Typecho » Typecho » Version: 1.1
cpe:2.3:a:typecho:typecho:1.1:*:*:*:*:*:*:*
Matching versions