Vulnerability Details : CVE-2020-8644
Public exploit exists!
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
Products affected by CVE-2020-8644
- cpe:2.3:a:playsms:playsms:*:*:*:*:*:*:*:*
CVE-2020-8644 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
PlaySMS Server-Side Template Injection Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
PlaySMS contains a server-side template injection vulnerability that allows for remote code execution.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2020-8644
Added on
2021-11-03
Action due date
2022-05-03
Exploit prediction scoring system (EPSS) score for CVE-2020-8644
95.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-8644
-
PlaySMS index.php Unauthenticated Template Injection Code Execution
Disclosure Date: 2020-02-05First seen: 2020-04-26exploit/multi/http/playsms_template_injectionThis module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called 'TPL' which is use
CVSS scores for CVE-2020-8644
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-8644
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-8644
-
https://playsms.org/2020/02/05/playsms-1-4-3-has-been-released/
playSMS 1.4.3 has been releasedVendor Advisory
-
https://forum.playsms.org/t/playsms-1-4-3-has-been-released/2704
playSMS 1.4.3 has been released - playSMS / News - playSMS ForumRelease Notes;Vendor Advisory
-
http://packetstormsecurity.com/files/157106/PlaySMS-index.php-Unauthenticated-Template-Injection-Code-Execution.html
PlaySMS index.php Unauthenticated Template Injection Code Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
https://research.nccgroup.com/2020/02/11/technical-advisory-playsms-pre-authentication-remote-code-execution-cve-2020-8644/
Technical Advisory – playSMS Pre-Authentication Remote Code Execution (CVE-2020-8644) – NCC Group ResearchExploit
Jump to