CVE-2023-32679: Injection in Craft CMS

CWE-74 (Injection), 4 documents, 4 sources

Severity: 7.2 HIGH (NVD)
EPSS: 25.5% (top 3.76%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 19, latest update May 22

Description

Craft CMS is an open source content management system. In affected versions of Craft CMS, an unrestricted file extension may lead to Remote Code Execution. If the name parameter value is not the empty string ('') in View.php's doesTemplateExist() -> resolveTemplate() -> _resolveTemplateInternal() -> _resolveTemplate() call chain, the function returns directly without extension verification, so that files with arbitrary extensions are rendered as Twig templates. When attacker with admin privileges on a DEV or an imp
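As an added illustration (not Craft CMS's own code), a minimal PHP template resolver that enforces an extension allowlist on the resolved path before a file is handed to the template engine, so that a non-empty name alone never bypasses extension verification. The function name, constants and the temporary template root are assumptions for this example.

```php
<?php
// Added example, not Craft CMS source. Resolves a requested template name to a
// file under $templateRoot and refuses anything whose extension is not on the
// allowlist, so that a non-empty name alone never skips the check.
// resolveTemplateSafely and ALLOWED_TEMPLATE_EXTENSIONS are assumed names.
// Requires PHP 8.0+ for str_starts_with().

const ALLOWED_TEMPLATE_EXTENSIONS = ['twig', 'html'];

function resolveTemplateSafely(string $templateRoot, string $name): ?string
{
    // Empty names are never resolved, regardless of what is on disk.
    if ($name === '') {
        return null;
    }

    $root = realpath($templateRoot);
    if ($root === false) {
        return null;
    }

    $candidate = realpath($root . DIRECTORY_SEPARATOR . $name);
    // Reject missing files and anything that escapes the template root.
    if ($candidate === false || !str_starts_with($candidate, $root . DIRECTORY_SEPARATOR)) {
        return null;
    }

    // The extension check runs on the resolved path, after the root check, so a
    // name that merely ends in an allowed extension cannot smuggle a file with a
    // different real extension through a symlink.
    $ext = strtolower(pathinfo($candidate, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_TEMPLATE_EXTENSIONS, true)) {
        return null;
    }

    return $candidate;
}

// Constructed demonstration inputs: a temporary template root holding one
// allowed template and one file with an arbitrary extension.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'tpl_' . bin2hex(random_bytes(4));
mkdir($root);
file_put_contents($root . '/index.twig', '{{ 1 + 1 }}');
file_put_contents($root . '/upload.txt', '{{ 1 + 1 }}');

var_dump(resolveTemplateSafely($root, 'index.twig') !== null);
var_dump(resolveTemplateSafely($root, 'upload.txt'));
var_dump(resolveTemplateSafely($root, '../etc/passwd'));
```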

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (Exploitability: 1.2 | Impact: 5.9)

Affected Packages (3 packages)

Packagist: craftcms/cms, affected from 4.0.0, fixed in 4.4.6
NVD: craftcms/craft_cms, affected from 4.0.0, fixed in 4.4.6
CVEListV5: craftcms/cms, >= 4.0.0, < 4.4.6

Vulnerability Details (3 sources)

OSV: Craft CMS vulnerable to Remote Code Execution via unrestricted file extension (2023-05-22)
GHSA: Craft CMS vulnerable to Remote Code Execution via unrestricted file extension (2023-05-22)
CVEList: Remote Code Execution via unrestricted file extension in Craft CMS (2023-05-19)
CVE-2023-32679 — Injection in Craftcms Craft CMS | cvebase