CVE-2023-24258 : SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability

SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request.

Published 2023-02-27 21:15:12

Updated 2023-03-24 23:15:07

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql InjectionExecute code

Products affected by CVE-2023-24258

Spip » Spip
Versions up to, including, (<=) 4.1.5
cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2023-24258

Top countries where our scanners detected CVE-2023-24258

Top open port discovered on systems with this issue 80

IPs affected by CVE-2023-24258 82

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2023-24258!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2023-24258

EPSS FAQ

1.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-24258

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-24258

CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2023-24258

https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-1-7-SPIP-4-0-9-et-SPIP-3-2-17.html

Mise à jour de sécurité : sortie de SPIP 4.1.7, SPIP 4.0.9 et SPIP 3.2.17 - SPIP Blog
Release Notes
https://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.5/SPIP_4.1.5_AND_BEFORE_AUTH_SQLi_Abyss_Watcher.md

ab4yss-wr4iteups/SPIP_4.1.5_AND_BEFORE_AUTH_SQLi_Abyss_Watcher.md at ffa980faa9e3598d49d6fb7def4f7a67cfb5f427 · Abyss-W4tcher/ab4yss-wr4iteups · GitHub
Exploit;Third Party Advisory
https://www.debian.org/security/2023/dsa-5325

Debian -- Security Information -- DSA-5325-1 spip