Critical unpatched vulnerability in the vBulletin web forum engine (updated)

Details have been disclosed about a critical unpatched (0-day) vulnerability (CVE-2019-16759) in the proprietary vBulletin web forum engine that allows code execution on the server by sending a specially crafted POST request. A working exploit for the issue is available. vBulletin is used by many open projects, including the forums of Ubuntu, openSUSE, BSD systems and Slackware, which are built on this engine.

The vulnerability is in the "ajax/render/widget_php" handler, which allows shell code to be passed in the "widgetConfig[code]" parameter (the code to execute is simply passed as-is; nothing needs to be escaped). The attack does not require authentication on the forum. The problem is confirmed in all releases of the current vBulletin 5.x branch (in development since 2012), including the latest release, 5.5.4. An update with a fix has not yet been prepared.

Addendum 1: Patches have been released for versions 5.5.2, 5.5.3 and 5.5.4. Owners of older 5.x releases are advised to first upgrade their installations to the latest supported versions to eliminate the vulnerability; as a workaround, the call to "eval($code)" in the evalCode function in the file includes/vb5/frontend/controller/bbcode.php can be commented out.

Addendum 2: The vulnerability is already being actively exploited for attacks, spam posting and installing backdoors. Traces of an attack can be found in HTTP server logs by the presence of requests containing the string "ajax/render/widget_php".
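As an added defensive example (not code from opennet or from the vBulletin project), the following Python script scans web-server access-log lines for requests to the route named above. It decodes percent-encoding and ignores case so that trivially obfuscated spellings of the route are still matched, skips malformed or truncated lines, and counts hits per source address for triage. The log lines and IP addresses are constructed for illustration (RFC 5737 documentation ranges); the function and variable names are this example's own.

```python
"""Scan combined-format access logs for requests to the vBulletin
"ajax/render/widget_php" route (added example, not the advisory's code)."""
import re
from collections import Counter
from typing import Dict, Iterable, List, NamedTuple, Optional
from urllib.parse import unquote

# Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# The route the advisory names as the sign of attack traffic.
INDICATOR_ROUTE = "ajax/render/widget_php"


class Hit(NamedTuple):
    ip: str
    timestamp: str
    method: str
    target: str
    status: int
    user_agent: str


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one combined-format log line; return None for lines that
    do not match (truncated or otherwise malformed entries)."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def normalise_path(target: str) -> str:
    """Drop the query string and decode percent-encoding so that
    obfuscated spellings of the route still compare equal."""
    path = target.split("?", 1)[0]
    return unquote(path).lower()


def find_widget_php_requests(lines: Iterable[str]) -> List[Hit]:
    """Return every well-formed log entry whose path contains the route."""
    hits: List[Hit] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if INDICATOR_ROUTE in normalise_path(rec["target"]):
            hits.append(Hit(
                ip=rec["ip"], timestamp=rec["ts"], method=rec["method"],
                target=rec["target"], status=int(rec["status"]),
                user_agent=rec.get("ua") or "-",
            ))
    return hits


def requests_per_source(hits: Iterable[Hit]) -> Dict[str, int]:
    """Count hits per client IP, useful for triage and blocking decisions."""
    return dict(Counter(h.ip for h in hits))


# Constructed sample log lines; addresses come from RFC 5737 documentation ranges.
SAMPLE_LOG = [
    '203.0.113.5 - - [24/Sep/2019:10:15:32 +0000] "POST /ajax/render/widget_php HTTP/1.1" 200 512 "-" "python-requests/2.22.0"',
    '198.51.100.7 - - [24/Sep/2019:10:16:01 +0000] "GET /forum/index.php HTTP/1.1" 200 10234 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [24/Sep/2019:10:17:44 +0000] "GET /AJAX/render/widget%5Fphp?x=1 HTTP/1.1" 200 300 "-" "curl/7.64.0"',
    '192.0.2.33 - - [24/Sep/2019:10:18:10 +0000] "GET /ajax/render/widget_php',  # truncated entry, skipped
    '198.51.100.9 - - [24/Sep/2019:10:19:00 +0000] "GET /forum/showthread.php?t=1 HTTP/1.1" 200 8800 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    found = find_widget_php_requests(SAMPLE_LOG)
    for hit in found:
        print(f"{hit.timestamp} {hit.ip} {hit.method} {hit.target} -> {hit.status} ({hit.user_agent})")
    print(requests_per_source(found))
```

Because the payload travels in a POST body, which access logs normally do not record, the route itself is the only reliable indicator in standard logs; a 200 response to such a request on an unpatched 5.x install is the entry to investigate first.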

Addendum 3: Traces of exploitation of the issue under discussion have surfaced in older attacks; apparently the vulnerability has been exploited for about three years. In addition, a script has been published that can be used to run automated attacks, locating vulnerable systems through the Shodan service.

Source: opennet.ru
