Description

The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.

Remediation

References

http://packetstormsecurity.com/files/163940/Strapi-3.0.0-beta.17.7-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Code-Execution.html

https://bittherapy.net/post/strapi-framework-remote-code-execution/

https://github.com/strapi/strapi/pull/4636

Related Vulnerabilities

CVE-2023-45885 Vulnerability in npm package openmct

CVE-2020-14359 Vulnerability in maven package org.keycloak:keycloak-core

CVE-2021-41862 Vulnerability in maven package com.googlecode.aviator:aviator

CVE-2023-1436 Vulnerability in maven package org.codehaus.jettison:jettison

CVE-2022-22965 Vulnerability in maven package org.springframework.boot:spring-boot-starter-web

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry Patch