CVE-2023-4222

2023-11-2808:15:08

CWE-78

[email protected]

web.nvd.nist.gov

cve-2023-4222

command injection

chamilo lms

learning paths

remote code execution

special characters

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

61.0%

JSON

Command injection in main/lp/openoffice_text_document.class.php in Chamilo LMS <= v1.11.24 allows users permitted to upload Learning Paths to obtain remote code execution via improper neutralisation of special characters.

Affected configurations

Nvd

Node

chamilochamilo_lmsRange≤1.11.24

VendorProductVersionCPE
chamilochamilo_lms*cpe:2.3:a:chamilo:chamilo_lms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
chamilo	chamilo_lms	*	cpe:2.3:a:chamilo:chamilo_lms::::::::

References

github.com/chamilo/chamilo-lms/commit/841a07396fed0ef27c5db13a1b700eac02754fc7

github.com/chamilo/chamilo-lms/commit/ed72914608d2a07ee2eb587c1a654480d08201db

starlabs.sg/advisories/23/23-4222

support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-128-2023-09-04-Critical-impact-Moderate-risk-Authenticated-users-may-gain-unauthenticated-RCE-CVE-2023-4221CVE-2023-4222