Description

uWSGI is a web application server that implements protocols such as WSGI, uwsgi and HTTP, and supports various languages through plugins.

uWSGI allows the back-end web application to be configured dynamically through uwsgi protocol magic variables. If the uWSGI port is exposed, attackers can construct uwsgi packets and specify the magic variable UWSGI_FILE to execute arbitrary commands using the exec:// protocol.

It was confirmed that the uWSGI port 8000 is publicly accessible.

Remediation

The uWSGI port should not be publicly accessible. uWSGI should be configured to listen only on the local interface (127.0.0.1).
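
One way to check a uWSGI ini file for this exposure, as an added example that is not part of the original advisory or of uWSGI itself. The sample configuration is constructed, the function names are illustrative, and only the `socket` and `uwsgi-socket` options are inspected:

```python
import ipaddress

# Options that bind a listener speaking the uwsgi protocol.
UWSGI_SOCKET_OPTS = {"socket", "uwsgi-socket"}

# Constructed sample configuration (not taken from a real deployment).
SAMPLE = """\
[uwsgi]
; constructed sample
module = app:application
socket = 0.0.0.0:8000
uwsgi-socket = 127.0.0.1:8001
socket = /run/uwsgi/app.sock
socket = :8002
"""

def is_exposed(value):
    """Return True if a socket value binds a TCP listener beyond loopback."""
    value = value.strip()
    if value.startswith("/") or ":" not in value:
        return False              # UNIX socket path, not reachable over TCP
    host = value.rpartition(":")[0].strip("[]")
    if host == "":
        return True               # ":8000" binds every interface
    if host == "localhost":
        return False
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return True               # hostname we cannot classify: review by hand

def audit(ini_text):
    """Return (line_number, option, value) for each exposed uwsgi socket."""
    findings = []
    for number, raw in enumerate(ini_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in ";#[":
            continue              # blank line, comment or section header
        key, sep, value = line.partition("=")
        # uWSGI allows an option to repeat, so every line is checked
        if sep and key.strip() in UWSGI_SOCKET_OPTS and is_exposed(value):
            findings.append((number, key.strip(), value.strip()))
    return findings

if __name__ == "__main__":
    for number, key, value in audit(SAMPLE):
        print(f"line {number}: {key} = {value} is not limited to loopback")
```

A clean result from the file does not cover sockets set on the command line or through environment variables, so the listening address should also be confirmed on the running host.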
