Vulnerability Details : CVE-2020-25042
Public exploit exists!
An arbitrary file upload issue exists in Mara CMS 7.5. In order to exploit this, an attacker must have a valid authenticated (admin/manager) session and make a codebase/dir.php?type=filenew request to upload PHP code to codebase/handler.php.
Products affected by CVE-2020-25042
- cpe:2.3:a:maracms:maracms:7.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-25042
69.62% (probability of exploitation activity in the next 30 days)
~99% percentile (the proportion of vulnerabilities scored at or below this one)
Metasploit modules for CVE-2020-25042
- MaraCMS Arbitrary PHP File Upload
  Disclosure Date: 2020-08-31
  First seen: 2020-09-25
  Module: exploit/multi/http/maracms_upload_exec
  This module exploits an arbitrary file upload vulnerability in MaraCMS 7.5 and prior in order to execute arbitrary commands. The module first attempts to authenticate to MaraCMS. It then tries to upload a malicious PHP file to the web root via an HTTP POST
CVSS scores for CVE-2020-25042
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P | 8.0 | 6.4 | NIST | 
7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 | NIST | 
CWE ids for CVE-2020-25042
- The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-25042
- https://www.exploit-db.com/exploits/48780
  Mara CMS 7.5 - Remote Code Execution (Authenticated) - PHP webapps Exploit
  Exploit; Third Party Advisory; VDB Entry
- http://packetstormsecurity.com/files/159304/MaraCMS-7.5-Remote-Code-Execution.html
  MaraCMS 7.5 Remote Code Execution ≈ Packet Storm
  Exploit; Third Party Advisory; VDB Entry
- https://sourceforge.net/projects/maracms/
  Mara CMS download | SourceForge.net
  Product; Third Party Advisory