CVE-2023-30854

Name of the Vulnerable Software and Affected Versions AVideo versions prior to 12.4

Description An OS Command Injection issue in the authenticated endpoint /plugin/CloneSite/cloneClient.json.php allows attackers to achieve Remote Code Execution. The vulnerable code executes a command that includes user-controlled input, specifically the cloneSiteURL variable, which can be manipulated through the admin panel's clone site feature. By hosting a specially crafted cloneServer.json.php file, an attacker can inject malicious commands, leading to remote code execution. This issue is exploited by sending a GET request to the vulnerable endpoint.

Recommendations For versions prior to 12.4, update to version 12.4 to resolve the issue. As a temporary workaround, consider restricting access to the /plugin/CloneSite/cloneClient.json.php endpoint until the update is applied. Additionally, restrict the ability to control the cloneSiteURL variable through the admin panel to minimize the risk of exploitation.