Lucene search

Veracode Vulnerability DatabaseVERACODE:43399

HistorySep 27, 2023 - 6:20 a.m.

Arbitrary Code Execution

2023-09-2706:20:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

arbitrary code execution

searchor

software

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.1%

JSON

searchor is vulnerable to Arbitrary Code Execution. The vulnerability is due to the search function in main.py which uses eval to dynamically construct the method call and execute it. An attacker can construct malicious input to the variables engine, query, copy, open which can leads to Code Execution.

CPENameOperatorVersion
searchorle2.4.1
searchorle2.4.1

CPE	Name	Operator	Version
	searchor	le	2.4.1
	searchor	le	2.4.1

References

github.com/advisories/GHSA-66m2-493m-crh2

github.com/ArjunSharda/Searchor/commit/16016506f7bf92b0f21f51841d599126d6fcd15b

github.com/ArjunSharda/Searchor/pull/130

github.com/nexis-nexis/Searchor-2.4.0-POC-Exploit-

github.com/nikn0laty/Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

43.1%

JSON

Related for VERACODE:43399