CVE-2024-7954 Scanner
CVE-2024-7954 scanner - Remote Code Execution vulnerability in SPIP Porte Plume Plugin
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
4 week
Scan only one
Domain, Ipv4
Toolbox
-
SPIP is a popular CMS used by website developers to manage online content efficiently. The Porte Plume Plugin enhances SPIP by providing a rich text editor for better content formatting. Used by organizations and individuals to manage content-rich websites, SPIP helps create, publish, and maintain digital assets. The plugin integrates seamlessly with SPIP's core functionality, allowing users to edit HTML without technical complexities. Porte Plume is integral to SPIP's text editing capabilities, offering users a flexible interface.
The SPIP Porte Plume Plugin is vulnerable to Remote Code Execution (RCE). A remote attacker can exploit this flaw without authentication to run arbitrary PHP code on the system. This type of vulnerability can give malicious users full control over the server. The critical nature of this issue requires immediate attention to prevent unauthorized access.
The vulnerability exists in the "porte_plume_previsu" action, where an attacker can send a specially crafted HTTP POST request. The "data" parameter in the request can be manipulated to inject malicious PHP code. Upon execution, the system processes this code, leading to arbitrary command execution. The vulnerable endpoint accepts crafted requests with minimal input validation, allowing remote users to exploit it. This flaw enables attackers to gain control of the server by executing system-level commands.
Exploiting this vulnerability allows attackers to execute arbitrary code on the server. This could lead to complete server compromise, data theft, or further malware deployment. Unauthorized code execution can impact system integrity, lead to sensitive information disclosure, and allow the installation of backdoors. Additionally, attackers could use the compromised server to launch further attacks on connected systems.
By using the S4E platform, you gain access to continuous vulnerability assessments and detailed reports on exposed weaknesses. The platform automates vulnerability scanning, saving you time and effort in maintaining security. Our tools help you stay ahead of emerging threats with up-to-date information and real-time alerts. Additionally, you can track and remediate security issues across all your digital assets from a single platform. Join now to protect your digital infrastructure with proactive threat management.
References:
- https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-0-alpha2-SPIP-4-2-13-SPIP-4.html
- https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather/
- https://vulncheck.com/advisories/spip-porte-plume
- https://nvd.nist.gov/vuln/detail/CVE-2024-7954
- https://github.com/bigb0x/CVE-2024-7954