On Tuesday, Synopsys addressed High and medium vulnerabilities CVE-2023-2453, and CVE-2023-4480 discovered in PHPFusion by the researchers.
PHPFusion is an open-source content management system (CMS) designed for managing personal or commercial websites and is offered under the GNU Affero General Public License v3.0.
These vulnerabilities impact versions 9.10.30 and earlier versions of PHP fusion, which let attackers perform remote code execution attempts.
No patches are available to mitigate the vulnerability; instead, it recommends its users disable the” Forum “ option to prevent the exploitation.
CyRC researcher Matthew Hogg discovered this high vulnerability with a base score of 8.5.
Due to insufficient sanitization of arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed.
Exploitation of this vulnerability can lead to remote code execution (RCE) if an attacker can acquire some means of uploading a crafted payload file with the ‘.php’ extension to any known absolute path on the target system.
There is no patch available for this vulnerability. Disabling the “Forum” Infusion through the admin panel removes the endpoint for exploiting this vulnerability, preventing the issue.
If the “Forum” Infusion cannot be disabled, technologies such as a web application firewall may help to mitigate exploitation attempts.
In the admin panel’s “Fusion File Manager” component, an attacker can make a forged request to read system files with the running process’s privileges due to an out-of-date dependency.
CyRC researcher Dharani Sri Penumacha discovered this medium vulnerability with a base score of 5.2.
Exploitation of this vulnerability can lead to arbitrary file read and limited file write for known absolute paths on the host.
There is no patch available for this vulnerability. Technologies such as a web application firewall may help to mitigate exploitation attempts.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been…
A newly identified malware, dubbed "Squidoor," has emerged as a sophisticated threat targeting government, defense,…
Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of…
In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in…
The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia,…
In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that…