Arbitrary Code Execution Vulnerability in SPIP's porte_plume Plugin
CVE-2024-7954

9.8 CRITICAL

Key Information:

Vendor: Spip
CVE Published: 23 August 2024

Badges

👾 Exploit Exists · 🟡 Public PoC · 📰 News Worthy

Summary

An arbitrary code execution vulnerability, CVE-2024-7954, was identified in SPIP's porte_plume plugin. It allows remote, unauthenticated attackers to execute arbitrary PHP code by sending a specially crafted HTTP request. The Cyble Sensor Intelligence report also highlighted other actively exploited vulnerabilities, phishing scams, and brute-force attacks, and recommended that security teams upgrade affected software, monitor and block attack attempts, and strengthen password policies. No known exploitation by ransomware groups was mentioned.

Affected Version(s)

SPIP 4.3.0-alpha < 4.3.0-alpha2

SPIP 4.2.0 < 4.2.13

SPIP 4.1.0 < 4.1.16

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Cyble Sensor Intelligence: Attacks, Phishing Scams And Brute-Force Detections - Cyble

Cyble's weekly sensor intelligence report identified active vulnerability exploits, phishing campaigns and brute-force attacks.

4 months ago


CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • 🟡 Public PoC available

  • 📰 First article discovered by Cyble

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Louka Jacques-Chevallier