Critical unpatched vulnerability in the vBulletin web forum engine (updated)

Details have been disclosed of a critical, unpatched (0-day) vulnerability (CVE-2019-16759) in vBulletin that allows code execution on the server by sending a specially crafted POST request. A working exploit for the problem is available. vBulletin is used by many open projects, including forums built on this engine for Ubuntu, openSUSE, the BSD systems and Slackware.

The vulnerability is in the "ajax/render/widget_php" handler, which allows arbitrary PHP code to be passed in through the "widgetConfig[code]" parameter (the code to be executed is passed as-is; nothing even needs to be escaped). The attack requires no authentication on the forum. The problem has been confirmed in all current releases of the vBulletin 5.x branch (in development since 2012), including the latest release, 5.5.4. An update with a fix has not yet been prepared.

Addendum 1: Patches have been released for versions 5.5.2, 5.5.3 and 5.5.4. Owners of older 5.x releases are advised to first update their systems to the latest supported versions to eliminate the vulnerability; as a workaround, the "eval($code)" call in the evalCode function in the file includes/vb5/frontend/controller/bbcode.php can be commented out.

Addendum 2: The vulnerability is already being actively exploited in attacks, for posting spam and for leaving backdoors. Traces of an attack can be found in the HTTP server logs as requests containing the string "ajax/render/widget_php".
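A small log-sweep for the indicator named above, written as an added example here rather than code from the article or from vBulletin. It assumes the common Apache/nginx "combined" access-log format, and the sample lines it runs over are constructed (RFC 5737 addresses), not real captures. Because the payload travels in the POST body, which the default access log does not record, the request line is the only place the indicator shows up there; the matcher percent-decodes the target and compares case-insensitively so an encoded path is not missed.

```python
"""Flag vBulletin widget_php requests in an HTTP access log.

Added example, not from the original article or from vBulletin.
Assumption: the log is in the Apache/nginx "combined" format.
"""
import re
from collections import Counter
from urllib.parse import unquote

# Route of the vulnerable handler named in the advisory.
INDICATOR = "ajax/render/widget_php"

# Assumption: "combined" log format (the referer/user-agent pair is optional
# so that plain "common" format lines parse as well).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Constructed sample lines, not real log data.
SAMPLE_LOG = [
    '203.0.113.7 - - [23/Sep/2019:10:14:02 +0000] "GET /forum/ HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [23/Sep/2019:10:14:05 +0000] "POST /forum/ajax/render/widget_php HTTP/1.1" 200 311 "-" "python-requests/2.22.0"',
    '198.51.100.42 - - [23/Sep/2019:10:15:30 +0000] "POST /forum/ajax%2Frender%2Fwidget_php HTTP/1.1" 200 298 "-" "curl/7.64.0"',
    '192.0.2.9 - - [23/Sep/2019:10:16:00 +0000] "GET /robots.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0"',
    'this line is not an access-log record and is skipped',
]


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_widget_php_hit(entry):
    """True when the request target references the widget_php handler.

    The target is percent-decoded first so an encoded path such as
    /ajax%2Frender%2Fwidget_php is still caught, and lower-cased so a
    case variation does not slip past the match.
    """
    target = unquote(entry["target"]).lower()
    return INDICATOR in target


def find_hits(lines):
    """Parse every line and keep only the widget_php requests, in log order."""
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is not None and is_widget_php_hit(entry):
            hits.append(entry)
    return hits


def summarize_by_ip(hits):
    """Count flagged requests per client address, for triage and blocking."""
    return dict(Counter(h["ip"] for h in hits))


if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for h in hits:
        print(f'{h["time"]} {h["ip"]} {h["method"]} {h["target"]} '
              f'status={h["status"]} ua="{h["ua"]}"')
    print("per-IP:", summarize_by_ip(hits))
```

On a real server, pass the open log file to find_hits (it accepts any iterable of lines); a hit with status 200 from an unauthenticated client is what the advisory describes, and the per-IP summary is the natural starting point for blocking and for searching the filesystem for dropped backdoors.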

Addendum 3: Traces of the problem being exploited in earlier attacks have surfaced; apparently the vulnerability had already been in use for about three years. In addition, a script has been published that can be used to run mass automated attacks, finding vulnerable systems through the Shodan service.

Source: opennet.ru