PT-2020-5121 · Yii · Yii2

Nt0Xa · Published 2020-09-15 · Updated 2020-09-22 · CVE-2020-15148

CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Yii 2 (yiisoft/yii2) versions prior to 2.0.38

Description: The issue is a deserialization of untrusted data (an untrusted data structure being restored in memory), which can allow a remote attacker to execute arbitrary code. It is exploitable only if the application calls unserialize() on arbitrary user input. The estimated number of potentially affected devices is not provided.

Recommendations: For versions prior to 2.0.38, update to version 2.0.38 to resolve the issue. As a temporary workaround without upgrading, add the following code to BatchQueryResult.php:
```php
// Refuse to take part in serialize(): PHP calls __sleep() before serializing an object.
public function __sleep()
{
    throw new BadMethodCallException('Cannot serialize ' . __CLASS__);
}

// Refuse to be rebuilt by unserialize(): PHP calls __wakeup() right after reconstructing an object.
public function __wakeup()
{
    throw new BadMethodCallException('Cannot unserialize ' . __CLASS__);
}
```
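The following script is an added illustration, not code from Yii or from this advisory, of why the two guard methods above are an effective workaround: with `__sleep()` and `__wakeup()` throwing, the class can no longer be produced by `serialize()` nor reconstructed by `unserialize()`, so it cannot serve as a link in a deserialization chain. The class name `GuardedResult` is a hypothetical stand-in for `BatchQueryResult`, and the serialized string is a constructed sample. The third step shows the call-site hardening PHP itself offers (the `allowed_classes` option of `unserialize()`, available since PHP 7.0), which an application should use in addition to upgrading whenever it must deserialize data it does not fully control.

```php
<?php
// Added example (not Yii's own code). Demonstrates the effect of the
// __sleep()/__wakeup() guards and the allowed_classes hardening.

// Hypothetical stand-in for BatchQueryResult: an object that must never
// be rebuilt from user-controlled bytes.
final class GuardedResult
{
    private array $rows = [];

    public function __sleep(): array
    {
        throw new BadMethodCallException('Cannot serialize ' . __CLASS__);
    }

    public function __wakeup(): void
    {
        throw new BadMethodCallException('Cannot unserialize ' . __CLASS__);
    }
}

// 1. serialize() of a guarded object is refused: PHP calls __sleep() first.
try {
    serialize(new GuardedResult());
    echo "serialize: unexpectedly succeeded\n";
} catch (BadMethodCallException $e) {
    echo "serialize: blocked - " . $e->getMessage() . "\n";
}

// 2. unserialize() of a constructed payload naming the guarded class:
//    PHP instantiates the object without running its constructor, then
//    calls __wakeup(), which throws before any property-driven behaviour
//    (destructors, lazy loading, etc.) can run.
$name    = GuardedResult::class;
$payload = sprintf('O:%d:"%s":0:{}', strlen($name), $name); // constructed sample
try {
    unserialize($payload);
    echo "unserialize: unexpectedly succeeded\n";
} catch (BadMethodCallException $e) {
    echo "unserialize: blocked - " . $e->getMessage() . "\n";
}

// 3. Defence in depth at the call site: when only scalars/arrays are
//    expected, forbid object instantiation altogether. Any class named in
//    the input comes back as __PHP_Incomplete_Class, and no __wakeup()
//    of the real class is ever invoked.
$result = unserialize($payload, ['allowed_classes' => false]);
echo "allowed_classes=false yields: " . get_class($result) . "\n";
```

Run it with `php guard_demo.php`: the first two steps print the "blocked" messages carrying the `BadMethodCallException` text, and the third prints `__PHP_Incomplete_Class`. The guards protect the class wherever it is deserialized; `allowed_classes` protects one call site regardless of which classes are loaded, so the two measures complement rather than replace each other.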

Tags: Exploit · Fix · RCE · Deserialization of Untrusted Data


Weakness Enumeration

Related Identifiers: BDU:2020-05717 · CVE-2020-15148 · GHSA-699Q-WCFF-G9MJ

Affected Products: Yii2