Vulnerability Details : CVE-2021-3007
Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the __destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer supported by the maintainer. NOTE: the laminas-http vendor considers this a "vulnerability in the PHP language itself" but has added certain type checking as a way to prevent exploitation in (unrecommended) use cases where attacker-supplied data can be deserialized
Vulnerability category: Execute code
Products affected by CVE-2021-3007
- cpe:2.3:a:zend:zend_framework:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:getlaminas:laminas-http:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-3007
4.36%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-3007
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2021-3007
-
The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-3007
-
https://github.com/laminas/laminas-http/commits/2.15.x/src/Response/Stream.php
History for src/Response/Stream.php - laminas/laminas-http · GitHubPatch;Third Party Advisory
-
https://github.com/laminas/laminas-http/pull/48
Security tightening: verify a stream file name is a string before unlinking by weierophinney · Pull Request #48 · laminas/laminas-http · GitHubPatch;Third Party Advisory
-
https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/
FreakOut – Leveraging Newest Vulnerabilities for creating a Botnet - Check Point ResearchExploit;Third Party Advisory
-
https://github.com/laminas/laminas-http/releases/tag/2.14.2
Release 2.14.2 · laminas/laminas-http · GitHubThird Party Advisory
-
https://github.com/Ling-Yizhou/zendframework3-/blob/main/zend%20framework3%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%20rce.md
zendframework3-/zend framework3 反序列化 rce.md at main · Ling-Yizhou/zendframework3- · GitHubExploit;Third Party Advisory
Jump to