Friday, March 29, 2024

vBulletin Forum Software RCE Zero-day Exploit Published Online By Anonymous Hacker – Unpatched

An anonymous hacker publicly disclosed an unpatched vBulletin forum software pre-auth RCE Zero-day Exploit.

vBulletin is one of the most popular and widely used forum software which is written in PHP, and the new version of vBulletin software release just 20 days ago.

According to the Exploit writer who has posted in the exploit code in online said “This should work on all versions from 5.0.0 till 5.5.4”

It’s unclear why the researcher discloses the exploit in public instead of reporting to the vBulletin team, and if he did this, the researcher would have to make up to $10000 as a bug bounty reward since the exploitable RCE vulnerability belongs to “Critical” severity category.

GBHackers Team analyzed the code and confirmed that the vulnerability allows attackers to execute a remote command via widgetConfig[code] parameter and inject the shellcode in the forum server where the vBulletin installation package resides.

The disclosed exploit code takes advantage of the vulnerability that existing up to vBulletin 5.4 version due to improper validation in “ajax/render/widget_php” during the time of processing data through “widgetConfig[code]” HTTP POST parameter. you can have a look at the following python script published by the researcher online. 

vBulletin RCE Zero-day Exploit code

An attacker doesn’t need to have an account on the forum that used vBulletin software version 5.4 and below to exploit the vulnerability, and the attacker can send a specially crafted HTTP POST request to execute the arbitrary code in the targeted forum.

The researcher called this vulnerability as “pre-auth Remote code execution” which is categorized as a critical severity, and the successful exploit this vulnerability may result in the complete compromise of a vulnerable system remotely.

There are very few percentages (less than 1 %) of the total website on the internet used the vBulletin forum software, but there are millions of users who have registered in the forum are now affected.

There is no patch published yet, We may expect the vBulletin team fix the vulnerability and release the patch soon.

Stay tuned, we will update here once we get the patch update.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read: Microsoft Emergency Patch – IE Zero-day Vulnerability Let Hackers Execute Arbitrary Code Remotely in Windows PC

Website

Latest articles

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report highlighting...

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles