CVE-2023-3368 Scanner
Detects 'Unauthenticated Command Injection' vulnerability in Chamilo LMS affects versions up to and including v1.11.20
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
4 weeks
Scan only one
URL
Toolbox
-
Chamilo LMS is a Learning Management System (LMS) designed to provide educators and learners with a platform to manage, deliver, and track online education and training. It offers a wide range of features, including course creation, online quizzes, forums, and reporting tools, making it a popular choice for educational institutions, businesses, and independent teachers. As an open-source project, Chamilo LMS is developed by an active community aiming to provide accessible and high-quality e-learning tools.
The vulnerability CVE-2023-3368 in Chamilo LMS allows unauthenticated attackers to execute arbitrary commands on the server. This is possible due to improper handling of user-supplied data in `/main/webservices/additional_webservices.php`, which fails to adequately sanitize input before being processed by the server. As a result, attackers can exploit this vulnerability to compromise the security of the LMS platform, potentially gaining unauthorized access to sensitive data or disrupting the availability of educational services.
Specifically, the vulnerability is triggered when malicious XML data is sent to the `additional_webservices.php` endpoint. By crafting a POST request that includes a specially formatted XML payload, attackers can inject shell commands that are executed by the server. This command injection is facilitated by the misuse of user-controlled input within the system's codebase, leading to the execution of commands under the privileges of the web server. This vulnerability highlights the critical importance of validating and sanitizing all external inputs to prevent such security breaches.
Exploiting this vulnerability could lead to severe consequences, including but not limited to, unauthorized access to the LMS's administrative functionalities, theft of sensitive data (such as student records and educational content), introduction of malware, and potentially taking the entire LMS offline. The impact extends beyond data security, affecting the integrity and availability of educational services provided through the platform, potentially damaging the reputation of institutions relying on Chamilo LMS for their e-learning needs.
By leveraging the S4E platform, users gain access to state-of-the-art security scanning tools designed to detect vulnerabilities like CVE-2023-3368 in Chamilo LMS. Our service provides detailed vulnerability assessments, actionable remediation advice, and continuous monitoring capabilities to ensure your digital assets remain secure. Joining S4E empowers organizations and educators to proactively address security risks, ensuring the integrity and availability of their e-learning environments. Protect your LMS and maintain the trust of your users with our comprehensive cyber threat exposure management solutions.
References
- https://nvd.nist.gov/vuln/detail/CVE-2023-3368
- https://starlabs.sg/advisories/23/23-3368/
- https://support.chamilo.org/projects/chamilo-18/wiki/security_issues#Issue-121-2023-07-05-Critical-impact-High-risk-Unauthenticated-Command-Injection-CVE-2023-3368
- https://github.com/chamilo/chamilo-lms/commit/37be9ce7243a30259047dd4517c48ff8b21d657a
- https://https://github.com/chamilo/chamilo-lms/commit/4c69b294f927db62092e01b70ac9bd6e32d5b48b