PHP file inclusion in the Sulu admin panel
CVE-2021-43836

8.5 HIGH

Key Information:

Vendor: Sulu
Status: Vendor
CVE Published: 15 December 2021

What is CVE-2021-43836?

Sulu is an open-source PHP content management system based on the Symfony framework. In affected versions an attacker can read arbitrary local files via a PHP file include. In a default configuration this also leads to remote code execution. The problem is patched in versions 1.6.44, 2.2.18, 2.3.8 and 2.4.0. Users unable to upgrade should override the service sulu_route.generator.expression_token_provider and wrap the translator before passing it to the expression language.
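As an added illustration of the workaround (example code written here, not Sulu's own; the class TranslatorProxy, the function checkExposedSurface and the translation key are my own, and how the overridden service wires the proxy in is assumed), the wrapper below exposes only trans() to the expression language, so none of the real translator's other public methods can be reached from a route expression:

```php
<?php
// Added example (not Sulu's code): a wrapper that exposes only trans()
// to Symfony's ExpressionLanguage. The overridden
// sulu_route.generator.expression_token_provider service is assumed to
// hand this proxy, not the raw translator, to the expression values.

use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
use Symfony\Contracts\Translation\TranslatorInterface;

final class TranslatorProxy
{
    private TranslatorInterface $translator;

    public function __construct(TranslatorInterface $translator)
    {
        $this->translator = $translator;
    }

    // The single method a route expression legitimately needs.
    public function trans(string $id, array $parameters = [], ?string $domain = null, ?string $locale = null): string
    {
        return $this->translator->trans($id, $parameters, $domain, $locale);
    }

    // Deliberately no __call()/__get(): any other method or property name
    // is a hard error, so the translator's full public API stays unreachable.
}

/**
 * Returns [transWorks, otherMethodBlocked] so the reduced surface can be
 * verified in a test against the real application translator.
 */
function checkExposedSurface(TranslatorInterface $translator): array
{
    $el = new ExpressionLanguage();
    $values = ['translator' => new TranslatorProxy($translator)];

    // "example.key" is a constructed translation key for this check.
    $transWorks = $el->evaluate('translator.trans("example.key")', $values)
        === $translator->trans('example.key');

    $blocked = false;
    try {
        // Any method other than trans() must fail on the proxy;
        // ExpressionLanguage raises RuntimeException for an uncallable method.
        $el->evaluate('translator.getLocale()', $values);
    } catch (\RuntimeException $e) {
        $blocked = true;
    }

    return [$transWorks, $blocked];
}
```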

Affected Version(s)

sulu < 1.6.44

sulu >= 2.0.0, < 2.2.18

sulu >= 2.3.0, < 2.3.8

CVSS V3.1

Score: 8.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability reserved