Remote Code Execution Vulnerability in Moodle by Moodle HQ
CVE-2018-1133

8.8HIGH

Key Information:

Vendor
Moodle
Status
Moodle 3.x Unknown
Vendor
CVE Published:
25 May 2018

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 62%

Summary

A vulnerability in Moodle 3.x allows a Teacher to create a Calculated question that can lead to remote code execution on the server. This issue occurs due to improper handling of the eval function, enabling an attacker with sufficient privileges to exploit the feature and inject malicious code. It is crucial for users to apply the appropriate security patches to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Moodle 3.x unknown Moodle 3.x unknown

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

MoodleExploit
Created by darrynten

MOODLE-3.X-Remote-Code-Execution
Created by Feidao-fei

References

https://moodle.org/mod/forum/discuss.php?d=371199
x_refsource_CONFIRM
https://www.exploit-db.com/exploits/46551/
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/104307
vdb-entryx_refsource_BID

EPSS Score

62% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.