Incorrect Regular Expression in .htaccess File Can Allow Code Execution

CVE-2022-25769

7.2HIGH

Key Information

Vendor
Mautic
Status
Mautic
Vendor
CVE Published:
18 September 2024

Summary

ImpactThe default .htaccess file has some restrictions in the access to PHP files to only allow specific PHP files to be executed in the root of the application.

This logic isn't correct, as the regex in the second FilesMatch only checks the filename, not the full path.

Affected Version(s)

Mautic < 3.3.5

Mautic < 4.2.0

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Mattias Michaux
Mattias Michaux
John Linhart
Zdeno Kuzmany
.