Vulnerability Details : CVE-2023-34960
Public exploit exists!
A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name.
Products affected by CVE-2023-34960
- cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-34960
90.05%: probability of exploitation activity in the next 30 days
EPSS Score History
~99%: percentile, the proportion of vulnerabilities scored at or below this one
Metasploit modules for CVE-2023-34960
- Chamilo unauthenticated command injection in PowerPoint upload
  Disclosure Date: 2023-06-01
  First seen: 2023-09-11
  Module: exploit/linux/http/chamilo_unauth_rce_cve_2023_34960
  Chamilo is an e-learning platform, also called a Learning Management System (LMS). This module exploits an unauthenticated remote command execution vulnerability that affects Chamilo versions `1.11.18` and below (CVE-2023-34960). Due to a functionality called
CVSS scores for CVE-2023-34960
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST |
CWE ids for CVE-2023-34960
- The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-34960
- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution
  Security issues - Chamilo LMS - Chamilo Tracking System (Issue Tracking; Vendor Advisory)
- http://chamilo.com
  Product
- http://packetstormsecurity.com/files/174314/Chamilo-1.11.18-Command-Injection.html
  Chamilo 1.11.18 Command Injection ≈ Packet Storm