CVE-2024-8517 Scanner
CVE-2024-8517 scanner - Remote Code Execution vulnerability in SPIP BigUp Plugin
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
4 weeks
Scan only one
Domain, IPv4, Subdomain
Toolbox
-
SPIP is a popular content management system (CMS) used globally by developers, especially in French-speaking regions, for website creation and content publishing. The SPIP BigUp plugin provides enhanced file management capabilities, including file uploads, directly within the CMS. This plugin is frequently used by administrators who need an intuitive interface to handle multimedia content. However, like many plugins, it relies on user input, which if not properly sanitized, can lead to security vulnerabilities. This makes the SPIP BigUp plugin particularly susceptible to certain code execution vulnerabilities.
The Remote Code Execution vulnerability in the SPIP BigUp plugin allows an attacker to execute arbitrary commands on the server running SPIP. This issue arises due to inadequate validation of user-supplied inputs during file upload processes. An attacker can exploit this flaw by crafting a specific request, which results in the execution of system commands. This vulnerability has a high impact, with potential for unauthorized control of the server.
The vulnerability is present within the file upload mechanism in the BigUp plugin, where user inputs are processed without proper sanitization. Specifically, when handling multipart file upload requests, the application fails to validate certain parameters. This flaw enables an attacker to manipulate a field in the HTTP request and inject OS-level commands. Once processed by the system, these commands can allow attackers to retrieve server details and potentially gain further access. The vulnerable endpoints are those responsible for handling file uploads and specifically the “bigup_retrouver_fichiers” parameter.
When exploited, this vulnerability can give attackers remote access to execute system-level commands, potentially allowing them to control the server. An attacker could gain access to sensitive data, alter or delete files, or use the compromised server to launch additional attacks on other systems. This level of control may disrupt the website's functionality, leading to reputational damage, data breaches, or a significant compromise of the overall system's security.
By leveraging the S4E platform, you can continuously monitor and protect your assets from critical vulnerabilities like Remote Code Execution. Our platform provides real-time, automated scanning and reporting to help you respond to threats proactively. Membership also includes insights and recommendations tailored to your unique digital infrastructure. Sign up today to gain complete visibility into your system’s vulnerabilities and secure your web applications with ease.
References:
- https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-2-SPIP-4-2-16-SPIP-4-1-18.html
- https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload/
- https://vulncheck.com/advisories/spip-upload-rce
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/nomi-sec/PoC-in-GitHub
