PT-2020-16975 · Salesagility · Suitecrm
Hao Wang
+2
·
Published
2020-11-06
·
Updated
2024-03-06
·
CVE-2020-28328
CVSS v2.0
9.0
9.0
High
| Base vector | Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
SuiteCRM versions prior to 7.11.17
Description:
The issue allows for remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, the `logger file name` can refer to an attacker-controlled .php file under the web root.
Recommendations:
For versions prior to 7.11.17, update to version 7.11.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the system settings Log File Name setting to prevent admin account takeover and minimize the risk of exploitation.
Exploit
Fix
Unrestricted File Upload
Weakness Enumeration
Related Identifiers
BIT-SUITECRM-2020-28328
CVE-2020-28328
Affected Products
Suitecrm
References · 12
- 🔥 https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/suitecrm_log_file_rce.rb⭐ 34266 🔗 14003 · Exploit
- 🔥 https://github.com/mcorybillington/SuiteCRM-RCE⭐ 2 🔗 1 · Exploit
- 🔥 http://packetstormsecurity.com/files/162975/SuiteCRM-Log-File-Remote-Code-Execution.html · Exploit
- 🔥 http://packetstormsecurity.com/files/165001/SuiteCRM-7.11.18-Remote-Code-Execution.html · Exploit
- 🔥 http://packetstormsecurity.com/files/159937/SuiteCRM-7.11.15-Remote-Code-Execution.html · Exploit
- 🔥 https://exploit-db.com/exploits/49001 · Exploit
- https://osv.dev/vulnerability/CVE-2020-28328 · Vendor Advisory
- https://suitecrm.com/suitecrm-7-11-17-7-10-28-lts-versions-released · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-28328 · Security Note
- https://osv.dev/vulnerability/BIT-suitecrm-2020-28328 · Vendor Advisory
- https://t.me/cvenotify/5921 · Telegram Post
- https://t.me/cibsecurity/31054 · Telegram Post