CVE-2022-25486
published 2022-03-15CVE-2022-25486: CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
PriorityP272high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
9.97%
95.0th percentile
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cuppacms | cuppacms | — | — |
Detection & IOCsextracted from sources · hover to see the quote
yara↗
regex: root:[x*]:0:0
- →Detect LFI exploitation attempts targeting CuppaCMS by monitoring POST requests to /alerts/alertConfigField.php with the 'urlConfig' parameter containing path traversal sequences (e.g., '../'). ↗
- →A successful exploitation response will return HTTP 200 and contain the string matching 'root:[x*]:0:0' in the body, indicating /etc/passwd was read. ↗
- →The vulnerable parameter is 'urlConfig' submitted via application/x-www-form-urlencoded in a POST body to the alertConfigField.php endpoint. ↗
- ·The vulnerability is confirmed only in CuppaCMS v1.0 (cpe:2.3:a:cuppacms:cuppacms:1.0). Detections should be scoped to this version to reduce false positives. ↗
- ·CVSS vector is AV:L (local attack vector) per NVD classification, but the Nuclei template exploits it over HTTP POST, suggesting network-accessible deployments are also at risk. ↗
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-974c-m3vw-pwx2: CuppaCMS v1
ghsa_unreviewed·2022-03-16
CVE-2022-25486 [HIGH] CWE-829 GHSA-974c-m3vw-pwx2: CuppaCMS v1
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
VulnCheck
cuppacms cuppacms Inclusion of Functionality from Untrusted Control Sphere
vulncheck·2022·CVSS 7.8
CVE-2022-25486 [HIGH] cuppacms cuppacms Inclusion of Functionality from Untrusted Control Sphere
cuppacms cuppacms Inclusion of Functionality from Untrusted Control Sphere
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
Affected: cuppacms cuppacms
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-22&host_type=src&vulnerability=cve-2022-25486; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-24&host_type=src&vulnerability=cve-2022-25486; https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-01-27&host_type=src&vulnerability=cve-2022-25
No detection rules found.
Nuclei
Cuppa CMS v1.0 - Local File Inclusion
nuclei·CVSS 7.8
CVE-2022-25486 [HIGH] Cuppa CMS v1.0 - Local File Inclusion
Cuppa CMS v1.0 - Local File Inclusion
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
Template:
id: CVE-2022-25486
info:
name: Cuppa CMS v1.0 - Local File Inclusion
author: theamanrawat
severity: high
description: |
CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php.
impact: |
Successful exploitation of this vulnerability can lead to unauthorized access, sensitive information disclosure, and potential remote code execution.
remediation: |
Upgrade to the latest version of Cuppa CMS or apply the provided patch to fix the LFI vulnerability.
reference:
- https://github.com/CuppaCMS/CuppaCMS
- https://nvd.nist.gov/vuln/detail/CVE-2022-25486
- https://github
No writeups or analysis indexed.
https://github.com/CuppaCMS/CuppaCMS/issues/15https://github.com/CuppaCMS/CuppaCMS/issues/25https://github.com/hansmach1ne/MyExploits/tree/main/Multiple_LFIs_in_CuppaCMS_alertshttps://github.com/CuppaCMS/CuppaCMS/issues/15https://github.com/CuppaCMS/CuppaCMS/issues/25https://github.com/hansmach1ne/MyExploits/tree/main/Multiple_LFIs_in_CuppaCMS_alerts
2022-03-15
Published
Exploited in the wild