Vulnerability Details : CVE-2020-15182
The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE). The vulnerability affects versions 2.0.0.3 and earlier of SOY Inquiry. This allows remote attackers to force the administrator to edit files once the administrator loads a specially crafted webpage. An administrator must be logged in for exploitation to be possible. This issue is fixed in SOY Inquiry version 2.0.0.4 and included in SOY CMS 3.0.2.328.
Vulnerability category: Directory traversalCross-site request forgery (CSRF)Execute code
Products affected by CVE-2020-15182
- cpe:2.3:a:soy_cms_project:soy_cms:*:*:*:*:*:*:*:*
- cpe:2.3:a:soy_inquiry_project:soy_inquiry:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-15182
1.88%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-15182
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
9.6
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.8
|
6.0
|
NIST | |
8.4
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H |
1.7
|
6.0
|
GitHub, Inc. |
CWE ids for CVE-2020-15182
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.Assigned by: security-advisories@github.com (Primary)
-
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.Assigned by: security-advisories@github.com (Primary)
References for CVE-2020-15182
-
https://github.com/inunosinsi/soycms/security/advisories/GHSA-j2qw-747j-mfv4
Cross-site Request Forgery (CSRF) leading to RCE in SOY CMS · Advisory · inunosinsi/soycms · GitHubThird Party Advisory
-
https://youtu.be/ffvKH3gwyRE
SoyCMS: CSRF to RCE SoyCMS - YouTubeExploit;Third Party Advisory
-
https://github.com/inunosinsi/soycms/pull/15
Fix CSRF and Directory Traversal by stypr · Pull Request #15 · inunosinsi/soycms · GitHubPatch;Third Party Advisory
Jump to