Lucene search

[email protected]CVE-2022-0679

HistoryMar 28, 2022 - 6:15 p.m.

CVE-2022-0679

2022-03-2818:15:09

CWE-22

[email protected]

web.nvd.nist.gov

cve-2022-0679

narnoo distributor

wordpress plugin

validation failure

disclosure vulnerability

rce

ajax action

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.031 Low

EPSS

Percentile

91.1%

JSON

The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users) which results in the disclosure of arbitrary files as the content of the file is then displayed in the response as JSON data. This could also lead to RCE with various tricks but depends on the underlying system and it’s configuration.

Affected configurations

Vulners

NVD

Node

narnoo_distributor_projectnarnoo_distributorRange≤2.5.1

VendorProductVersionCPE
narnoo_distributor_projectnarnoo_distributor*cpe:2.3:a:narnoo_distributor_project:narnoo_distributor:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
narnoo_distributor_project	narnoo_distributor	*	cpe:2.3:a:narnoo_distributor_project:narnoo_distributor::::::::

CNA Affected

[
  {
    "product": "Narnoo Distributor",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThanOrEqual": "2.5.1",
        "status": "affected",
        "version": "2.5.1",
        "versionType": "custom"
      }
    ]
  }
]