PHPFusion Flaw Allows Attackers to Read Critical System Data

On Tuesday, Synopsys disclosed two vulnerabilities, one high-severity and one medium-severity, CVE-2023-2453 and CVE-2023-4480, discovered in PHPFusion by its researchers.

PHPFusion is an open-source content management system (CMS) designed for managing personal or commercial websites and is offered under the GNU Affero General Public License v3.0. 

These vulnerabilities affect PHPFusion versions 9.10.30 and earlier and allow attackers to attempt remote code execution.

No patches are available to mitigate the vulnerabilities; instead, the advisory recommends that users disable the "Forum" option to prevent exploitation.

CVE-2023-2453

CyRC researcher Matthew Hogg discovered this high-severity vulnerability, which carries a base score of 8.5.

Because of insufficient sanitization, arbitrary files with the '.php' extension whose absolute path is known can be included and executed.

Exploitation of this vulnerability can lead to remote code execution (RCE) if an attacker can acquire some means of uploading a crafted payload file with the ‘.php’ extension to any known absolute path on the target system. 

There is no patch available for this vulnerability. Disabling the “Forum” Infusion through the admin panel removes the endpoint for exploiting this vulnerability, preventing the issue.

If the "Forum" Infusion cannot be disabled, technologies such as a web application firewall may help to mitigate exploitation attempts.
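The flaw class described above, as an added illustration (hypothetical code written for this article, not PHPFusion's own source, which the advisory does not quote): an include whose target comes straight from the request, so any readable '.php' file with a known absolute path is executed, beside a hardened form that accepts only allowlisted template names and confines the resolved path to a fixed directory.

```php
<?php
// Hypothetical illustration of the vulnerability class; not PHPFusion code.
// Vulnerable pattern: the include target is taken from a request parameter,
// so any readable .php file whose absolute path is known gets included and run.
function include_template_unsafe(string $requested): void
{
    include $requested;   // e.g. an uploaded /var/www/uploads/payload.php
}

// Hardened pattern: accept only names from an explicit allowlist, canonicalise
// the path, and require it to live inside a fixed template directory.
const TEMPLATE_DIR = __DIR__ . '/templates';
const ALLOWED_TEMPLATES = ['forum_index', 'forum_thread', 'forum_post'];

function resolve_template(string $requested): ?string
{
    // Strict comparison: no slashes, dots or traversal sequences can match.
    if (!in_array($requested, ALLOWED_TEMPLATES, true)) {
        return null;
    }
    $base = realpath(TEMPLATE_DIR);
    $path = realpath(TEMPLATE_DIR . '/' . $requested . '.php');
    // realpath() returns false for a missing file; the prefix check catches a
    // symlink or mount that would resolve outside the template directory.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function include_template(string $requested): bool
{
    $path = resolve_template($requested);
    if ($path === null) {
        http_response_code(400);
        return false;
    }
    include $path;
    return true;
}

// Usage: include_template($_GET['page'] ?? '');
```

The allowlist, not the realpath check, is what closes the hole described in the advisory; the prefix check is defence in depth against a template directory that itself contains a link to an attacker-writable location.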

CVE-2023-4480

In the admin panel’s “Fusion File Manager” component, an attacker can make a forged request to read system files with the running process’s privileges due to an out-of-date dependency.  

CyRC researcher Dharani Sri Penumacha discovered this medium-severity vulnerability, which carries a base score of 5.2.

Exploitation of this vulnerability can lead to arbitrary file read and limited file write for known absolute paths on the host. 

There is no patch available for this vulnerability. Technologies such as a web application firewall may help to mitigate exploitation attempts.


Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
