Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-5161 — XML External Entity (XXE) Injection in Zendxml

CWE-611 — XML External Entity (XXE) Injection CWE-776 — XML Entity Expansion18 documents8 sources

Severity

9.6CRITICALNVD

NVD6.8CNA6.8OSV6.8

EPSS

32.8%

top 3.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

PHP Zendframework Zendframework Zendframework1 +8 more

Timeline

PublishedAug 25

Latest updateMay 17

Description

The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML external entity (XXE) and XML entity expansion (XEE) attacks via multibyte encoded characters.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages10 packages

▶Packagistzendframework/zendxml1.0.0 — 1.0.1

▶Packagistzendframework/zendframework2.0.0 — 2.4.6+2

▶Packagistzendframework/zendframework11.12.0 — 1.12.14

▶NVDzend/zend_framework119 versions+118

▶NVDphp/php5.5.0 — 5.5.22+4

Also affects: Ubuntu Linux 12.04, 14.04, 15.10

🔴Vulnerability Details

OSV

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities↗2022-05-17

▶

GHSA

ZendXml and Zend Framework contain XXE and XEE Vulnerabilities↗2022-05-17

▶

GHSA

GHSA-x5qj-644j-7xc7: ext/libxml/libxml↗2022-05-14

▶

OSV

CVE-2015-8866: ext/libxml/libxml↗2016-05-22

▶

CVEList

CVE-2015-8866: ext/libxml/libxml↗2016-05-22

▶

💥Exploits & PoCs

Exploit-DB

eBay Magento 1.9.2.1 - PHP FPM XML eXternal Entity Injection↗2015-10-30

▶

Exploit-DB

Zend Framework 2.4.2 - PHP FPM XML eXternal Entity Injection↗2015-08-13

▶

📋Vendor Advisories

Red Hat

php: libxml_disable_entity_loader setting is shared between threads↗2016-04-21

▶

💬Community

Bugzilla

CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM [epel-7]↗2015-08-13

▶

Bugzilla

CVE-2015-5161 php-ZendFramework2: php-ZendFramework: XML external entity injection (XXE) on PHP FPM [epel-7]↗2015-08-13

▶

Bugzilla

CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM↗2015-08-13

▶

Bugzilla

CVE-2015-5161 php-ZendFramework: XML external entity injection (XXE) on PHP FPM [fedora-all]↗2015-08-13

▶

Bugzilla

CVE-2015-5161 php-ZendFramework2: php-ZendFramework: XML external entity injection (XXE) on PHP FPM [fedora-all]↗2015-08-13

▶