Description

The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.

Remediation

References

http://packetstormsecurity.com/files/163940/Strapi-3.0.0-beta.17.7-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Code-Execution.html

https://bittherapy.net/post/strapi-framework-remote-code-execution/

https://github.com/strapi/strapi/pull/4636

Related Vulnerabilities

CVE-2021-4306 Vulnerability in npm package terminal-kit

CVE-2020-26296 Vulnerability in maven package org.webjars.bowergithub.vega:vega

CVE-2020-26217 Vulnerability in maven package org.jvnet.hudson:xstream

CVE-2018-11695 Vulnerability in npm package node-sass

CVE-2021-42392 Vulnerability in maven package com.h2database:h2

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry Patch