PT-2019-9874 · Rhymix · Rhymix Cms

Subodh Kumar

Published

2019-01-03

Updated

2019-02-25

CVE-2018-19601

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Rhymix CMS version 1.9.8.1

Description The issue allows for Server-Side Request Forgery (SSRF) via an SVG upload in the admin module. This can be achieved by accessing the "index.php?module=admin&act=dispModuleAdminFileBox" endpoint with a malicious SVG file.

Recommendations For Rhymix CMS version 1.9.8.1, as a temporary workaround, consider disabling the SVG upload feature in the admin module until a patch is available. Restrict access to the "index.php?module=admin&act=dispModuleAdminFileBox" endpoint to minimize the risk of exploitation.

Exploit

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2018-19601

Affected Products

Rhymix Cms

PT-2019-9874 · Rhymix · Rhymix Cms

CVE-2018-19601

Weakness Enumeration

Related Identifiers

Affected Products

References · 5