Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Published: 2021-01-12 15:15:16
Updated: 2022-02-22 10:15:18
Source: MITRE
Vulnerability category: Execute code

CVE-2021-3129 is in the CISA Known Exploited Vulnerabilities Catalog

This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Laravel Ignition File Upload Vulnerability
CISA required action:
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
CISA description:
Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().
Notes:
https://github.com/facade/ignition/releases/tag/2.5.2
Added on 2023-09-18 Action due date 2023-10-09

Exploit prediction scoring system (EPSS) score for CVE-2021-3129

EPSS score: 97.47% (probability of exploitation activity in the next 30 days)
Percentile: ~100% (the proportion of vulnerabilities that are scored at or less)

Metasploit modules for CVE-2021-3129

  • Unauthenticated remote code execution in Ignition
    Disclosure Date: 2021-01-13
    First seen: 2022-12-23
    exploit/multi/php/ignition_laravel_debug_rce
    Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

CVSS scores for CVE-2021-3129

  • Base score: 7.5 (HIGH)
    CVSS vector (v2): AV:N/AC:L/Au:N/C:P/I:P/A:P
    Exploitability score: 10.0
    Impact score: 6.4
    Score source: NIST
  • Base score: 9.8 (CRITICAL)
    CVSS vector (v3.1): CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Exploitability score: 3.9
    Impact score: 5.9
    Score source: NIST
