Description

vBulletin versions 4.1+ and 5+ are leaking the customer number via the /install/upgrade.php (/core/install/upgrade.php) scripts.

Quote from the vBulletin website: "A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories. Our developers are investigating this issue at this time. If deemed necessary we will release the necessary patches. In order to prevent this issue on your vBulletin sites, it is recommended that you delete the install directory for your installation. "

Remediation

The directories that should be deleted are:

  • 4.X - /install/
  • 5.X - /core/install

After deleting these directories your sites can not be affected by the issues that we're currently investigating. vBulletin 3.X and pre-4.1 would not be affected by these issues. However if you want the best security precautions, you can delete your install directory as well.

References

Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+)

Dangerous vBulletin exploit in the wild

Related Vulnerabilities

WordPress Plugin MapPress Maps for WordPress Security Bypass (2.54.5)

WordPress Plugin Beaver Builder-WordPress Page Builder Security Bypass (1.7)

Unrestricted access to NGINX+ API interface (read write)

WordPress Plugin WooCommerce Product Feed Manager Security Bypass (2.2.3)

WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (7.1.12)

Severity

High

Classification

CVE-2013-6129 CWE-264 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure