PT-2017-3226 · Quickerbb · Quickerbb

Published

2017-04-28

Updated

2017-12-02

CVE-2017-1000169

CVSS v3.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions QuickerBB versions prior to 0.7.3

Description The issue is related to insufficient input validation in the config.php component of QuickerBB, which can be exploited by a remote attacker to execute arbitrary code. This can lead to the complete takeover of the server hosting QuickerBB.

Recommendations For QuickerBB versions prior to 0.7.3, update to version 0.7.3 or later to resolve the issue. At the moment, there is no information about other versions that contain a fix for this issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2017-02659

CVE-2017-1000169

Affected Products

Quickerbb

PT-2017-3226 · Quickerbb · Quickerbb

CVE-2017-1000169

Weakness Enumeration

Related Identifiers

Affected Products

References · 4