CVE-2024-1538
published 2024-03-21CVE-2024-1538: The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or…
PriorityP354high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
10.65%
95.2th percentile
The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wp_file_manager page that includes files through the 'lang' parameter. This makes it possible for unauthenticated attackers to include local JavaScript files that can be leveraged to achieve RCE via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This issue was partially patched in version 7.2.4, and fully patched in 7.2.5.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| filemanagerpro | file_manager | < 7.2.5 | 7.2.5 |
| mndpsingh287 | file_manager | <= 7.2.4 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - Shell
suricata·2015-09-10·CVSS 10.0
CVE-2015-1538 [CRITICAL] ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - Shell
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - Shell
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - Shell"; flow:established,to_client; file.data; content:"|00 00 00 18 66 74 79 70|mp4"; within:13; content:"/system/bin/sh"; fast_pattern; reference:cve,2015-1538; reference:url,blog.zimperium.com/the-latest-on-stagefright-cve-2015-1538-exploit-is-now-available-for-testing-purposes/; classtype:attempted-user; sid:2021757; rev:4; metadata:created_at 2015_09_10, cve CVE_2015_1538, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_14;)
Suricata
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - ROP
suricata·2015-09-10·CVSS 10.0
CVE-2015-1538 [CRITICAL] ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - ROP
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - ROP
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - ROP"; flow:established,to_client; file.data; content:"|00 00 00 18 66 74 79 70|mp4"; within:13; content:"|98 2A 00 B0 B3 38 00 B0|"; fast_pattern; content:"|00 10 00 00 07 00 00 00 03 D0 00 D0 04 D0 00 D0 44 11 00 B0|"; distance:4; within:20; reference:cve,2015-1538; reference:url,blog.zimperium.com/the-latest-on-stagefright-cve-2015-1538-exploit-is-now-available-for-testing-purposes/; classtype:attempted-user; sid:2021758; rev:3; metadata:created_at 2015_09_10, cve CVE_2015_1538, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_14;)
Suricata
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - STSC
suricata·2015-09-10·CVSS 10.0
CVE-2015-1538 [CRITICAL] ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - STSC
ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - STSC
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible Android Stagefright MP4 CVE-2015-1538 - STSC"; flow:established,to_client; file.data; content:"stsc|00 00 00 00 C0 00 00 03|"; fast_pattern; content:!"|00 00 00 00|"; within:4; pcre:"/^(?P.{4})(?P.{4})(?P=addr2)(?P=addr1)/Rsi"; reference:cve,2015-1538; reference:url,blog.zimperium.com/the-latest-on-stagefright-cve-2015-1538-exploit-is-now-available-for-testing-purposes/; classtype:attempted-user; sid:2021759; rev:3; metadata:created_at 2015_09_10, cve CVE_2015_1538, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_14;)
Suricata
GPL WEB_SERVER iisadmin access
suricata·2010-09-23
CVE-1999-1538 GPL WEB_SERVER iisadmin access
GPL WEB_SERVER iisadmin access
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"GPL WEB_SERVER iisadmin access"; flow:established,to_server; http.uri; content:"/iisadmin"; nocase; reference:bugtraq,189; reference:cve,1999-1538; reference:nessus,11032; classtype:web-application-attack; sid:2100993; rev:15; metadata:created_at 2010_09_23, cve CVE_1999_1538, signature_severity Unknown, updated_at 2024_03_08;)
No public exploits indexed.
https://plugins.trac.wordpress.org/changeset/3051451/wp-file-managerhttps://www.wordfence.com/threat-intel/vulnerabilities/id/57cc15a6-2cf5-481f-bb81-ada48aa74009?source=cvehttps://plugins.trac.wordpress.org/changeset/3051451/wp-file-managerhttps://www.wordfence.com/threat-intel/vulnerabilities/id/57cc15a6-2cf5-481f-bb81-ada48aa74009?source=cve
2024-03-21
Published