CVE-2022-26271
Published: 2022-03-28

Priority: P3 55 | Severity: high | CVSS 3.1 base score: 7.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploit likelihood (EPSS): 4.63% (90.6th percentile)
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 74cms | 74cms | — | — |
Detection & IOCs (extracted from sources)
- HTTP GET request to /index/download/index with path traversal in the 'url' parameter targeting application/database.php indicates an exploitation attempt
- Response body containing all of '<?php', 'return array', 'password', and 'database' simultaneously indicates a successful arbitrary file read of the database config
- Successful exploitation returns Content-Type: application/octet-stream; monitor for this content type on download endpoints combined with path traversal sequences in query parameters
- Shodan and FOFA fingerprints for exposed 74cms instances: search http.html:"74cms" or app="74cms"
- The vulnerability is unauthenticated (PR:N, UI:N) and network-accessible (AV:N), meaning no credentials are required to exploit the arbitrary file read via the $url parameter
- The vulnerable parameter is $url in the Download controller; any path traversal sequence passed to this parameter may read arbitrary files accessible to the web process
CVSS provenance
- NVD, CVSS v3.1: 7.5 HIGH (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
- NVD, CVSS v2.0: 5.0 MEDIUM (AV:N/AC:L/Au:N/C:P/I:N/A:N)
No detection rules found.
Nuclei
CVE-2022-26271 [HIGH] 74cmsSE v3.4.1 - Arbitrary File Read (nuclei · CVSS 7.5)
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
Template (as indexed; the cvss-metrics line is truncated in the source):

```yaml
id: CVE-2022-26271

info:
  name: 74cmsSE v3.4.1 - Arbitrary File Read
  author: ritikchaddha
  severity: high
  description: |
    74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
  impact: |
    Successful exploitation could lead to unauthorized access to sensitive information.
  remediation: |
    Apply the vendor-supplied patch or upgrade to a non-vulnerable version.
  reference:
    - https://github.com/N1ce759/74cmsSE-Arbitrary-File-Reading/issues/1
    - https://nvd.nist.gov/vuln/detail/cve-2022-26271
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:
```
No writeups or analysis indexed.