Critical vulnerability in the WordPress File Manager plugin, which has 700 thousand installations

In the WordPress plugin File Manager, which has more than 700 thousand active installations, a vulnerability has been identified that allows commands and PHP scripts to be executed on the server. The problem affects File Manager versions 6.0 through 6.8 and is fixed in version 6.9.

The File Manager plugin provides file management tools for the WordPress administrator and uses the elFinder library for low-level file handling. The elFinder source tree contains example code files, which are shipped in the working directory with the extension ".dist". The vulnerability stems from the fact that, when the library was packaged with the plugin, the file "connector.minimal.php.dist" was renamed to "connector.minimal.php" and thus became executable via external requests. This script allows any file operation (upload, open, editor, rename, rm, and so on) to be performed, since its parameters are passed to the run() function of the main plugin, which can be used to replace PHP files in WordPress and run arbitrary code.

The danger is compounded by the fact that the vulnerability is already being exploited in the wild. In the automated attack, an image containing PHP code is uploaded to the "plugins/wp-file-manager/lib/files/" directory using the "upload" command. The image is then renamed to a PHP script with an arbitrarily chosen name containing the text "hard" or "x." (for example, hardfork.php, hardfind.php, x.php, etc.). When executed, the PHP code adds a backdoor to the files /wp-admin/admin-ajax.php and /wp-includes/user.php, giving the attackers access to the site's admin interface. Exploitation is carried out by sending a POST request to the file "wp-file-manager/lib/php/connector.minimal.php".

It is worth noting that after the compromise, in addition to leaving the backdoor, the attackers also made changes that restrict further access to the vulnerable connector.minimal.php file, in order to block other attackers from attacking the same server.
The first exploitation attempts were detected on September 1 at 7:00 AM (UTC).
At 12:33 PM (UTC), the File Manager plugin developers released a fix. According to Wordfence, the company that discovered the vulnerability, its firewall blocked approximately 450 attempts to exploit the vulnerability within a day. Network analysis showed that 52% of sites using the plugin have not yet updated and remain vulnerable. After installing the update, it is advisable to check the HTTP server logs for calls to the "connector.minimal.php" script to determine whether the system has already been compromised.
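The following script is an added example of the log review recommended above, combined with the indicators from the exploitation description (POST requests to connector.minimal.php, PHP files served from lib/files/ with names such as hardfork.php or x.php). It is not code from the article, from Wordfence, or from the File Manager plugin. It assumes access logs in the Apache/nginx "combined" format and that the plugin lives under the default /wp-content/plugins/ path; the log lines embedded below are constructed for the example.

```python
"""Triage helper for the File Manager (wp-file-manager) connector.minimal.php issue.

Scans HTTP access logs in the Apache/nginx "combined" format for two
indicators: requests to the exposed elFinder connector, and PHP files served
out of the plugin's lib/files/ upload directory. All sample data below is
constructed for the example; the paths assume the default /wp-content/plugins/
location of the plugin.
"""
import re
from typing import Dict, List, Optional

CONNECTOR_PATH = "/wp-file-manager/lib/php/connector.minimal.php"
FILES_DIR = "/wp-file-manager/lib/files/"

# Dropped-script names reported in the campaign (hardfork.php, hardfind.php,
# x.php). Any .php under lib/files/ is suspicious; these names are doubly so.
KNOWN_NAME_RE = re.compile(r"^(?:hard\w*|x)\.php$", re.IGNORECASE)

# Combined log format: ip ident user [time] "METHOD path PROTO" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Constructed sample log lines (not real traffic): one successful POST to the
# connector, a fetch of a dropped script, benign admin-ajax traffic, and one
# blocked (403) POST to the connector from a second address.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Sep/2020:07:02:11 +0000] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 200 512 "-" "python-requests/2.24.0"
203.0.113.7 - - [01/Sep/2020:07:02:13 +0000] "GET /wp-content/plugins/wp-file-manager/lib/files/hardfork.php HTTP/1.1" 200 88 "-" "python-requests/2.24.0"
198.51.100.20 - - [01/Sep/2020:08:15:40 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 43 "-" "Mozilla/5.0"
192.0.2.55 - - [01/Sep/2020:09:30:05 +0000] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 403 0 "-" "curl/7.68.0"
"""


def parse_line(line: str) -> Optional[Dict[str, object]]:
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec: Dict[str, object] = m.groupdict()
    rec["status"] = int(m.group("status"))
    # Drop the query string so path comparisons are stable.
    rec["path"] = m.group("path").split("?", 1)[0]
    return rec


def find_connector_hits(log_text: str) -> List[Dict[str, object]]:
    """Every request (any method, any status) that reached connector.minimal.php."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and str(rec["path"]).endswith(CONNECTOR_PATH):
            hits.append(rec)
    return hits


def find_dropped_scripts(log_text: str) -> List[Dict[str, object]]:
    """Requests for .php files under lib/files/, i.e. the renamed upload being invoked."""
    found = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec:
            continue
        path = str(rec["path"])
        idx = path.find(FILES_DIR)
        if idx == -1:
            continue
        name = path[idx + len(FILES_DIR):]
        if name.lower().endswith(".php"):
            rec["known_name"] = bool(KNOWN_NAME_RE.match(name))
            found.append(rec)
    return found


def summarize(log_text: str) -> Dict[str, object]:
    """Compact triage summary: a successful external POST to the connector is the key signal."""
    hits = find_connector_hits(log_text)
    return {
        "connector_requests": len(hits),
        "successful_connector_posts": sum(
            1 for h in hits if h["method"] == "POST" and h["status"] == 200
        ),
        "source_ips": sorted({str(h["ip"]) for h in hits}),
        "dropped_scripts": [str(d["path"]) for d in find_dropped_scripts(log_text)],
    }


if __name__ == "__main__":
    # Replace SAMPLE_LOG with open("/var/log/nginx/access.log").read() on a real host.
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A POST to the connector answered with 200 means the script ran the request; a 403 usually indicates the firewall or an attacker's own lockdown of the file (see above) refused it, which is still worth recording as an attempt. If either indicator fires, the log review alone is not enough: the files /wp-admin/admin-ajax.php and /wp-includes/user.php named in the attack description should be compared against the pristine copies from the matching WordPress release, and any .php files found in wp-file-manager/lib/files/ should be treated as attacker artifacts rather than deleted before being preserved for analysis.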

Separately, the corrective release WordPress 5.5.1 is expected, for which 40 fixes are scheduled.

Source: opennet.ru
