PT-2023-22081 · GLPI · Order GLPI plugin

C3L3Si4N

·

Published

2023-04-05

·

Updated

2023-04-12

·

CVE-2023-29006

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Order GLPI plugin versions 1.8.0 through 2.7.6
Order GLPI plugin versions 2.8.0 through 2.10.0
Description An authenticated user with access to GLPI's standard interface can craft a URL that causes the plugin to execute a system command on the server. The weakness class recorded for this issue is deserialization of untrusted data (CWE-502), and the workaround below identifies ajax/dropdownContact.php as the file involved. Only a low-privileged account is required, no user interaction is needed, and the impact is full loss of confidentiality, integrity and availability (CVSS 8.8), so any instance that exposes the plugin to ordinary users should be treated as exposed to remote code execution.
Recommendations For Order GLPI plugin versions 1.8.0 through 2.7.6, update to version 2.7.7. For Order GLPI plugin versions 2.8.0 through 2.10.0, update to version 2.10.1. As a temporary workaround, delete the ajax/dropdownContact.php file from the plugin; this removes the vulnerable endpoint outright, so the contact dropdown it serves will stop working until the update is applied. Confirm the installed version in GLPI's plugin administration page rather than from the directory name, since the plugin directory is not renamed between versions.
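As an added illustration of the weakness class recorded for this advisory (deserialization of untrusted data), and not code from the Order plugin or from GLPI, the PHP sketch below shows the vulnerable shape of an AJAX endpoint that passes a request parameter straight to unserialize(), next to two hardened versions. The ReportExporter class, the used parameter and the helper names are hypothetical, and the inputs are constructed for the demonstration.

```php
<?php
// Added example: CWE-502 in a GLPI-style AJAX endpoint (hypothetical code,
// not the Order plugin's). The destructor only echoes instead of running
// anything, so the script is safe to execute locally.

// A class that is loadable when the endpoint runs. Its destructor acts on a
// property. That is fine for instances the application builds itself, but
// once a client can forge instances through unserialize(), the property
// value (and therefore the action) is attacker-controlled.
class ReportExporter {
    public $command = 'true';
    public function __destruct() {
        // Stand-in for a side effect such as shell_exec($this->command).
        echo "would run: " . $this->command . "\n";
    }
}

// Vulnerable pattern: the raw parameter reaches unserialize() with no
// restriction on which classes may be instantiated. A request carrying
// used=O:14:"ReportExporter":1:{s:7:"command";s:2:"id";} creates the object,
// and its destructor fires with the forged value when it goes out of scope.
function vulnerableUsed(string $raw): array {
    $used = unserialize($raw);
    return is_array($used) ? $used : [];
}

// Hardened pattern 1: keep the serialization format but forbid objects.
// With allowed_classes => false, an object payload is not instantiated as
// ReportExporter, so no destructor or __wakeup of an application class runs.
function hardenedUsedUnserialize(string $raw): array {
    $used = unserialize($raw, ['allowed_classes' => false]);
    if (!is_array($used)) {
        return [];
    }
    // The endpoint only needs a list of positive integer IDs to exclude.
    return array_values(array_filter(array_map('intval', $used), fn($id) => $id > 0));
}

// Hardened pattern 2: do not accept PHP serialization from the client at all.
// json_decode() never instantiates application classes.
function hardenedUsedJson(string $raw): array {
    $used = json_decode($raw, true);
    if (!is_array($used)) {
        return [];
    }
    return array_values(array_filter(array_map('intval', $used), fn($id) => $id > 0));
}

// Constructed inputs: one benign exclusion list, one forged object payload.
$benign    = serialize([3, 7, 12]);
$malicious = 'O:14:"ReportExporter":1:{s:7:"command";s:2:"id";}';

echo "vulnerable, benign input:\n";
var_dump(vulnerableUsed($benign));
echo "vulnerable, forged object (watch the destructor):\n";
vulnerableUsed($malicious);
echo "hardened unserialize, forged object:\n";
var_dump(hardenedUsedUnserialize($malicious));
echo "hardened json, benign input:\n";
var_dump(hardenedUsedJson('[3, 7, 12]'));
```

Run it with php on the command line. In the vulnerable function the forged object is created and its destructor echoes the attacker-supplied string; in the first hardened version the same payload yields a __PHP_Incomplete_Class rather than a ReportExporter and is then rejected by the is_array check, and in the second version no PHP object can be created at all. Real exploitation uses classes that already exist in the application's autoloaded code rather than a purpose-built one, which is why the durable fix is to never feed client-controlled data to unserialize(), not to audit individual classes.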


Weakness Enumeration

Deserialization of Untrusted Data (CWE-502)

Related Identifiers

CVE-2023-29006
GHSA-xfx2-qx2r-3wwm

Affected Products

Order GLPI plugin