Exploit
CVE-2024-9076

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Sep 22, 2024 / Updated: 59d ago

010
CVSS 5.3EPSS 0.05%Medium
CVE info copied to clipboard

Summary

A critical vulnerability has been discovered in DedeCMS versions up to 5.7.115. The issue affects the processing of the file article_string_mix.php, which can lead to OS command injection. This vulnerability can be exploited remotely and requires low privileges with no user interaction.

Impact

This vulnerability allows attackers to execute arbitrary operating system commands on the affected system. Given the critical nature of the vulnerability, successful exploitation could lead to complete system compromise, including: 1. Unauthorized access to sensitive data (high confidentiality impact) 2. Modification or deletion of critical files and data (high integrity impact) 3. Disruption of services or system availability (high availability impact) The remote nature of the attack and the low complexity involved make this vulnerability particularly dangerous, as it could be easily exploited by malicious actors.

Exploitation

One proof-of-concept exploit is available on gitee.com. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, no official patch has been released. The vulnerability affects DedeCMS versions up to 5.7.115, suggesting that an update addressing this issue may be forthcoming. However, the vendor has not responded to the disclosure, which may delay the availability of a patch.

Mitigation

Given the critical nature of this vulnerability and the lack of an official patch, the following mitigation steps are recommended: 1. Immediately isolate or disable access to DedeCMS instances, especially those running versions 5.7.115 or earlier. 2. Implement strong network segmentation to limit potential lateral movement if the vulnerability is exploited. 3. Monitor and log all traffic to and from DedeCMS servers for suspicious activity. 4. Apply input validation and sanitization on all user inputs, particularly those that interact with article_string_mix.php. 5. Implement a Web Application Firewall (WAF) with rules to detect and block OS command injection attempts. 6. Regularly check for updates from the DedeCMS vendor and apply any security patches as soon as they become available. 7. Consider using alternative CMS solutions until a patch is released and thoroughly tested.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9076. See article

Sep 22, 2024 at 12:30 AM / CVE
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 22, 2024 at 12:32 AM
CVE Assignment

NVD published the first details for CVE-2024-9076

Sep 22, 2024 at 1:15 AM
CVSS

A CVSS base score of 6.3 has been assigned.

Sep 22, 2024 at 1:20 AM / nvd
EPSS

EPSS Score was set to: 0.05% (Percentile: 17.1%)

Sep 22, 2024 at 9:55 AM
CVSS

A CVSS base score of 8.8 has been assigned.

Sep 27, 2024 at 4:15 PM / nvd
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Sep 27, 2024 at 7:12 PM
Static CVE Timeline Graph

Affected Systems

Dedecms/dedecms
+null more

Exploits

https://gitee.com/hjjjx/dede_cms/blob/master/article_string_mix_rce.md
+null more

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection
+null more

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI