Unpatched critical vulnerability in the vBulletin forum engine (updated)

Information has been disclosed about an unpatched (0-day) critical vulnerability (CVE-2019-16759) in the proprietary vBulletin engine for building web forums, which allows code to be executed on the server by sending a specially crafted POST request. A working exploit is available for the problem. vBulletin is used by many open-source projects; among others, the forums of Ubuntu, openSUSE, the BSD systems and Slackware are built on this engine.

The vulnerability is present in the "ajax/render/widget_php" handler, which allows arbitrary shell code to be passed via the "widgetConfig[code]" parameter (the code to run is simply passed in; nothing even needs to be escaped). The attack does not require authentication on the forum. The problem has been confirmed in all current releases of the vBulletin 5.x branch (in development since 2012), including the latest release, 5.5.4. An update with a fix has not yet been prepared.

Addendum 1: Patches have been released for versions 5.5.2, 5.5.3 and 5.5.4. Owners of older 5.x releases are advised to first update their systems to the latest supported version in order to eliminate the vulnerability, but as a workaround the "eval($code)" call in the evalCode function can be commented out in the file /vb5/frontend/controller/bbcode.php.

Addendum 2: The vulnerability is already being actively used for attacks, for sending spam and for leaving behind backdoors. Traces of an attack can be found in the HTTP server logs by the presence of requests for the string "ajax/render/widget_php".
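An added example of the log check Addendum 2 describes (this is not code from the opennet.ru article or from vBulletin): a Python script that scans web-server access-log lines in the combined format for requests to the "ajax/render/widget_php" handler. It also percent-decodes the path so encoded variants are not missed; the log lines and IP addresses are constructed sample data.

```python
import re
from urllib.parse import unquote

# Request path that the advisory names as the marker of CVE-2019-16759 abuse.
WIDGET_PHP_PATH = "ajax/render/widget_php"

# Apache/nginx combined log format:
#   ip ident user [time] "METHOD path proto" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def is_widget_php_request(path: str) -> bool:
    """True if the request path targets the vulnerable handler.

    The path is percent-decoded twice (to catch double encoding) and
    lower-cased before matching, so an encoded or mixed-case variant does
    not slip past a plain substring comparison."""
    decoded = unquote(unquote(path)).lower()
    return WIDGET_PHP_PATH in decoded


def find_widget_php_hits(log_lines):
    """Return (ip, time, method, status) for every request to the handler."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if m and is_widget_php_request(m.group("path")):
            hits.append((m.group("ip"), m.group("time"),
                         m.group("method"), int(m.group("status"))))
    return hits


# Constructed sample log lines (documentation-range IPs, not real traffic).
SAMPLE_LOG = [
    '203.0.113.10 - - [24/Sep/2019:10:15:02 +0000] "GET /forum/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.20 - - [24/Sep/2019:10:15:09 +0000] "POST /ajax/render/widget_php HTTP/1.1" 200 812 "-" "python-requests/2.22.0"',
    '203.0.113.30 - - [24/Sep/2019:10:16:44 +0000] "POST /ajax%2Frender%2Fwidget_php HTTP/1.1" 200 790 "-" "curl/7.58.0"',
    '203.0.113.40 - - [24/Sep/2019:10:17:01 +0000] "GET /ajax/render/memberlist HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, when, method, status in find_widget_php_hits(SAMPLE_LOG):
        print(f"{when} {ip} {method} -> {status}  (widget_php handler, CVE-2019-16759)")
```

In production, feed the real access log through `find_widget_php_hits` and treat any hit, especially a POST with a 200 status, as a likely exploitation attempt to investigate.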

Addendum 3: Signs have surfaced that the problem under discussion was used in older attacks; it turns out the vulnerability has already been exploited for about three years. In addition, a script has been published that can be used to carry out mass automated attacks, locating vulnerable systems through the Shodan service.

Source: opennet.ru
