Lucene search
GoogleOSV:GHSA-79JW-2F46-WV22HistoryFeb 23, 2022 - 9:08 p.m.
Authenticated remote code execution in October CMS
2022-02-2321:08:44
Google
osv.dev
31
0.005 Low
EPSS
Percentile
77.0%
Impact
An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass cms.safe_mode / cms.enableSafeMode in order to execute arbitrary code.
- This issue only affects admin panels that rely on safe mode and restricted permissions.
- To exploit this vulnerability, an attacker must first have access to the backend area.
Patches
The issue has been patched in Build 474 (v1.0.474) and v1.1.10.
Workarounds
Apply https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe to your installation manually if unable to upgrade to Build 474 or v1.1.10.
References
Credits to:
- David Miller
For more information
If you have any questions or comments about this advisory:
- Email us at [email protected]
Related
cve
cve
CVE-2022-21705
2022-02-23 19:15:08
prion
prion
Design/Logic Flaw
2022-02-23 19:15:00
nvd
nvd
CVE-2022-21705
2022-02-23 19:15:08
nuclei
nuclei
October CMS - Remote Code Execution
2022-05-13 06:06:56
osv
osv
CVE-2022-21705
2022-02-23 19:15:08
veracode
veracode
Remote Code Execution (RCE)
2022-02-24 04:34:21
cvelist
cvelist
CVE-2022-21705 Authenticated remote code execution in octobercms
2022-02-23 19:00:10
github
github
Authenticated remote code execution in October CMS
2022-02-23 21:08:44