Vulnerability Details : CVE-2020-8518
Public exploit exists!
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2020-8518
- 96.49%: Probability of exploitation activity in the next 30 days
- ~ 100 %: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-8518
- Horde CSV import arbitrary PHP code execution
  Disclosure Date: 2020-02-07
  First seen: 2020-04-26
  exploit/multi/http/horde_csv_rce
  The Horde_Data module version 2.1.4 (and before) present in Horde Groupware version 5.2.22 allows authenticated users to inject arbitrary PHP code thus achieving RCE on the server hosting the web application. Authors: - Andrea Cardaci <cyrus.and@gm
CVSS scores for CVE-2020-8518
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | |
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | |
CWE ids for CVE-2020-8518
- The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-8518
- http://packetstormsecurity.com/files/156872/Horde-5.2.22-CSV-Import-Code-Execution.html
  Exploit; Third Party Advisory; VDB Entry
- https://lists.debian.org/debian-lts-announce/2020/04/msg00008.html
  [SECURITY] [DLA 2174-1] php-horde-data security update
  Mailing List; Third Party Advisory
- https://lists.horde.org/archives/announce/2020/001285.html
  [announce] [SECURITY] CVE-2020-8518: RCE vulnerability in Horde_Data
  Mailing List; Vendor Advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2PRPIFQDGYPQ3F2TF2ETPIL7IYNSVVZQ/
  [SECURITY] Fedora 30 Update: php-horde-Horde-Data-2.1.5-1.fc30 - package-announce - Fedora Mailing-Lists
  Mailing List; Third Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKTNYDBDVJNMVC7QPXQI7CMPLX3USZ2T/
  [SECURITY] Fedora 31 Update: php-horde-Horde-Data-2.1.5-1.fc31 - package-announce - Fedora Mailing-Lists
  Mailing List; Third Party Advisory
Products affected by CVE-2020-8518
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:horde:groupware:5.2.22:*:*:*:webmail:*:*:*
- cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*