CVE-2020-13576
published 2021-02-10CVE-2020-13576: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.86%
92.3th percentile
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gsoap | < gsoap 2.8.104-3 (bookworm) | gsoap 2.8.104-3 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| genivia | gsoap | — | — |
| genivia | gsoap | >= 0 < 2.8.104-3 | 2.8.104-3 |
| genivia | gsoap | >= 0 < 2.8.104-3 | 2.8.104-3 |
| genivia | gsoap | >= 0 < 2.8.104-3 | 2.8.104-3 |
| genivia | gsoap | >= 0 < 2.8.104-3 | 2.8.104-3 |
Detection & IOCsextracted from sources · hover to see the quote
snort↗
56211, 56275, 56297, 56298, 56307, 56308, 56507 - 56510
- →Exploit is triggered via a specially crafted SOAP HTTP request targeting the WS-Addressing plugin of Genivia gSOAP; monitor for anomalous/malformed SOAP requests to services using gSOAP. ↗
- →The vulnerability is specifically in the WS-Addressing plugin functionality; focus detection on SOAP endpoints that have WS-Addressing enabled. ↗
- ·Snort rules listed cover multiple CVEs in the same gSOAP advisory (CVE-2020-13574 through CVE-2020-13578); not all rules are exclusively for CVE-2020-13576. ↗
- ·Affected version is gSOAP 2.8.107; Debian resolved the issue in package version 2.8.104-3 (note: upstream fix versioning may differ from Debian package versioning). ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv9.8CRITICAL
vendor_debian9.8CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wx33-jrf7-q6rw: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2
ghsa_unreviewed·2022-05-24
CVE-2020-13576 [CRITICAL] CWE-190 GHSA-wx33-jrf7-q6rw: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
OSV
CVE-2020-13576: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2
osv·2021-02-10·CVSS 9.8
CVE-2020-13576 [CRITICAL] CVE-2020-13576: A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Debian
CVE-2020-13576: gsoap - A code execution vulnerability exists in the WS-Addressing plugin functionality ...
vendor_debian·2020·CVSS 9.8
CVE-2020-13576 [CRITICAL] CVE-2020-13576: gsoap - A code execution vulnerability exists in the WS-Addressing plugin functionality ...
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.
Scope: local
bookworm: resolved (fixed in 2.8.104-3)
bullseye: resolved (fixed in 2.8.104-3)
forky: resolved (fixed in 2.8.104-3)
sid: resolved (fixed in 2.8.104-3)
trixie: resolved (fixed in 2.8.104-3)
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP
blogs_talos·2021-01-05·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP
## Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered multiple vulnerabilities in various Genivia gSOAP toolkit plugins. These vulnerabilities could allow an attacker to carry out a variety of malicious activities, including causing a denial of service on the victim machine or gaining the ability to execute arbitrary code.
The gSOAP toolkit is a C/C++ library for developing XML-based web services. It includes several plugins to support the implementation of SOAP and web service standards. The framework also provides multiple deployment options, including modules for IIS and Apache, standalone CGI scripts and its own standalone HTTP service.
In accordance with
Talos
Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP
blogs_talos·2021-01-05·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.
Cisco Talos recently discovered multiple vulnerabilities in various Genivia gSOAP toolkit plugins. These vulnerabilities could allow an attacker to carry out a variety of malicious activities, including causing a denial of service on the victim machine or gaining the ability to execute arbitrary code.
The gSOAP toolkit is a C/C++ library for developing XML-based web services. It includes several plugins to support the implementation of SOAP and web service standards. The framework also provides multiple deployment options, including modules for IIS and Apache, standalone CGI scripts and its own standalone HTTP service.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Genivia to
https://lists.debian.org/debian-lts-announce/2024/02/msg00015.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JINMAJB4WQASTKTNSPQL3V7YMSYPKIA2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMTJ3SJJ22SFLBLPKFADV7NVBH7UFA23/https://talosintelligence.com/vulnerability_reports/TALOS-2020-1187https://lists.debian.org/debian-lts-announce/2024/02/msg00015.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JINMAJB4WQASTKTNSPQL3V7YMSYPKIA2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMTJ3SJJ22SFLBLPKFADV7NVBH7UFA23/https://talosintelligence.com/vulnerability_reports/TALOS-2020-1187
2021-02-10
Published