CVE-2018-19274 — Deserialization of Untrusted Data in Phpbb

CWE-502 — Deserialization of Untrusted Data CWE-1321 — Prototype Pollution4 documents3 sources

Severity

7.2HIGHNVD

EPSS

14.5%

top 5.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpbb Phpbb3 Debian Linux

Timeline

PublishedNov 17

Latest updateMay 13

Description

Passing an absolute path to a file_exists check in phpBB before 3.2.4 allows Remote Code Execution through Object Injection by employing Phar deserialization when an attacker has access to the Admin Control Panel with founder permissions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages3 packages

▶NVDphpbb/phpbb< 3.2.4

▶Packagistphpbb/phpbb< 3.2.4

▶Ubuntuphpbb3/phpbb3< 3.0.12-1ubuntu0.1~esm1

Also affects: Debian Linux 8.0

Patches

Patch: www.phpbb.com ↗Patch: www.phpbb.com ↗

🔴Vulnerability Details

OSV

phpBB Remote Code Execution↗2022-05-13

▶

GHSA

phpBB Remote Code Execution↗2022-05-13

▶

OSV

CVE-2018-19274: Passing an absolute path to a file_exists check in phpBB before 3↗2018-11-17

▶