Description

The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.

Remediation

References

http://packetstormsecurity.com/files/163940/Strapi-3.0.0-beta.17.7-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Code-Execution.html

https://bittherapy.net/post/strapi-framework-remote-code-execution/

https://github.com/strapi/strapi/pull/4636

Related Vulnerabilities

CVE-2022-26884 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-server

CVE-2023-26111 Vulnerability in npm package @nubosoftware/node-static

CVE-2021-43138 Vulnerability in maven package org.webjars.npm:async

CVE-2022-43405 Vulnerability in maven package io.jenkins.plugins:pipeline-groovy-lib

CVE-2021-23328 Vulnerability in npm package iniparserjs

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry Patch