CVE-2022-2073
Published: 2022-06-29
CVE-2022-2073: Code Injection in GitHub repository getgrav/grav prior to 1.7.34.
Priority: P348 (high) · CVSS 3.1 base score 7.2 · vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 10.38% (95.2th percentile)
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| getgrav | grav | < 1.7.42 | 1.7.42 |
| getgrav | grav | < 1.7.34 | 1.7.34 |
| getgrav | grav | < 1.7.42 | 1.7.42 |
| getgrav | grav | >= 0 < 1.7.42 | 1.7.42 |
| getgrav | grav | >= 0 < 1.7.34 | 1.7.34 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | 3.0 | 9.1 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| vendor_redhat | | 7.8 | HIGH | |
OSV · 2023-06-16 · CVE-2023-34448 [HIGH]: Grav Server-side Template Injection (SSTI) via Twig Default Filters
Hi,
Actually, we sent the bug report to [email protected] on 27th March 2023 and on 10th April 2023.
# Grav Server-side Template Injection (SSTI) via Twig Default Filters
## Summary:
| **Product** | Grav CMS |
| ----------------------- | --------------------------------------------- |
| **Vendor** | Grav |
| **Severity** | High - Users with login access to Grav Admin panel and page creation/update permissions are able to obtain remote code/command execution |
| **Affected Versions** | true]),
];
}
...
+ /**
+ * @param Environment $env
+ * @param array $array
+ * @param callable|string $arrow
+ * @return array|CallbackFilterIterator
+ * @throws RuntimeError
+ */
+ function filterF
OSV · 2023-06-16 · CVE-2023-34252 [HIGH]: Grav Server-side Template Injection (SSTI) via Twig Default Filters
Hi,
Actually, we sent the bug report to [email protected] on 27th March 2023 and on 10th April 2023.
# Grav Server-side Template Injection (SSTI) via Insufficient Validation in filterFilter
## Summary:
| **Product** | Grav CMS |
| ----------------------- | --------------------------------------------- |
| **Vendor** | Grav |
| **Severity** | High - Users with login access to Grav Admin panel and page creation/update permissions are able to obtain remote code/command execution |
| **Affected Versions** | true]),
];
}
...
/**
* @param Environment $env
* @param array $array
* @param callable|string $arrow
* @return array|CallbackFilterIterator
* @throws RuntimeError
*/
function filt
GHSA · 2023-06-16 · CVE-2023-34448 [HIGH] · CWE-1336: Grav Server-side Template Injection (SSTI) via Twig Default Filters
OSV · 2023-06-16 · CVE-2023-34253 [HIGH]: Grav Server-side Template Injection (SSTI) via Denylist Bypass Vulnerability
Hi,
Actually, we sent the bug report to [email protected] on 27th March 2023 and on 10th April 2023.
# Grav Server-side Template Injection (SSTI) via Denylist Bypass Vulnerability
## Summary:
| **Product** | Grav CMS |
| ----------------------- | --------------------------------------------- |
| **Vendor** | Grav |
| **Severity** | High - Users with login access to Grav Admin panel and page creation/update permissions are able to obtain remote code/command execution |
| **Affected Versions** | 0,
'array_diff_uassoc' => -1,
'array_diff_ukey' => -1,
'array_filter' => 1,
'array_intersect_uassoc' => -1,
'array_intersect_ukey' => -1,
'array_map' => 0,
'array_reduce' => 1,
'array_udiff_assoc' => -1,
'array_ud
GHSA · 2023-06-16 · CVE-2023-34253 [HIGH] · CWE-1336: Grav Server-side Template Injection (SSTI) via Denylist Bypass Vulnerability
GHSA · 2023-06-16 · CVE-2023-34252 [HIGH] · CWE-1336: Grav Server-side Template Injection (SSTI) via Twig Default Filters
GHSA · 2022-06-30 · CVE-2022-2073 [HIGH] · CWE-94: Code injection in grav
Grav is vulnerable to Server-Side Template Injection (SSTI) via Twig. According to a previous vulnerability report, Twig should not render dangerous functions, such as system, by default.
OSV · 2022-06-30 · CVE-2022-2073 [HIGH]: Code injection in grav
No detection rules found.
No public exploits indexed.
Published: 2022-06-29