CVE-2024-25600 Scanner
Detects the 'Unauthenticated Remote Code Execution' vulnerability in Bricks Builder, which affects versions <= 1.9.6.
Short Info
Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 4 weeks
Scan only one: Domain, IPv4
Toolbox: -
Bricks Builder is a WordPress development theme with approximately 25,000 active installations, providing a user-friendly drag-and-drop interface for designing WordPress websites. It is widely used by developers and website designers to create custom layouts and designs for WordPress sites, enhancing their visual appeal and functionality.
The vulnerability detected in Bricks Builder <= 1.9.6 is an unauthenticated remote code execution (RCE) flaw. This vulnerability allows attackers to execute arbitrary commands on the target server without requiring authentication, potentially leading to complete compromise of the WordPress site or server hosting it.
The vulnerability resides in the '/wp-json/bricks/v1/render_element' endpoint of Bricks Builder, which fails to properly sanitize user-supplied input. By sending a specially crafted POST request with a malicious payload in the 'queryEditor' parameter, attackers can inject and execute arbitrary PHP code on the server, leading to remote code execution.
Exploiting this vulnerability enables attackers to execute arbitrary commands on the target server, allowing them to take full control of the WordPress site or server. This could lead to various malicious activities, including data theft, website defacement, installation of malware or backdoors, and further compromise of other systems hosted on the same server.
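For asset owners reviewing their own servers, the following added example (not S4E's scanner and not code from the Bricks project) triages web server access logs for POST requests that reach the render_element route described above, and checks a version string against the affected range. It assumes Combined Log Format; the function names and sample log lines are constructed for illustration, and the ?rest_route= form is WordPress's standard alternative to /wp-json/ paths.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/bricks/v1/render_element"   # REST route named in the advisory
LAST_AFFECTED = (1, 9, 6)                # "<= 1.9.6" per the advisory

# Combined Log Format: ip - user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def is_affected(version: str) -> bool:
    """True when a Bricks version string is <= 1.9.6."""
    parts = [int(p) for p in re.findall(r"\d+", version)]
    if not parts:
        raise ValueError(f"no version number in {version!r}")
    while parts and parts[-1] == 0:      # treat 1.9.6.0 as 1.9.6
        parts.pop()
    return tuple(parts) <= LAST_AFFECTED

def rest_route(target: str) -> str:
    """Resolve the REST route from /wp-json/<route> or ?rest_route=<route>."""
    url = urlsplit(target)
    path = unquote(url.path)
    if "/wp-json/" in path:
        return "/" + path.split("/wp-json/", 1)[1].strip("/")
    routes = parse_qs(url.query).get("rest_route", [])
    return "/" + routes[0].strip("/") if routes else ""

def suspicious_requests(lines):
    """Yield (ip, time, status) for POSTs that reach the render_element route."""
    for line in lines:
        m = LOG_RE.match(line)
        if m and m["method"] == "POST" and rest_route(m["target"]) == ENDPOINT:
            yield m["ip"], m["time"], int(m["status"])

# Constructed sample log lines (documentation-range IPs, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [20/Feb/2024:10:01:02 +0000] "POST /wp-json/bricks/v1/render_element HTTP/1.1" 200 512 "-" "curl/8.0"',
    '203.0.113.7 - - [20/Feb/2024:10:01:05 +0000] "POST /?rest_route=%2Fbricks%2Fv1%2Frender_element HTTP/1.1" 200 498 "-" "curl/8.0"',
    '198.51.100.4 - - [20/Feb/2024:10:02:00 +0000] "GET /wp-json/wp/v2/posts HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [20/Feb/2024:10:03:00 +0000] "POST /wp-json/wp/v2/comments HTTP/1.1" 201 60 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE):
        print(hit)
```

Access logs normally do not record POST bodies, so a hit shows that the route was reached, not what the 'queryEditor' parameter contained; treat hits on an affected version as a reason to investigate the host further.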
By leveraging the security scanning capabilities of the S4E platform, you can detect critical vulnerabilities like Unauthenticated Remote Code Execution (RCE) in Bricks Builder before they are exploited by malicious actors. Join our platform to proactively protect your WordPress sites and ensure their security against RCE attacks.
References
- https://www.exploit-db.com/exploits/51664
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25600
- https://wpscan.com/vulnerability/afea4f8c-4d45-4cc0-8eb7-6fa6748158bd/
- https://snicco.io/vulnerability-disclosure/bricks/unauthenticated-rce-in-bricks-1-9-6
- https://github.com/Chocapikk/CVE-2024-25600
- https://op-c.net/blog/cve-2024-25600-wordpresss-bricks-builder-rce-flaw-under-active-exploitation