WordfenceVULNRICHMENT:CVE-2024-7627CVE-2024-7627 Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the ‘checkSyntax’ function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:*"
],
"vendor": "bitapps",
"product": "file_manager",
"versions": [
{
"status": "affected",
"version": "6.0",
"versionType": "semver",
"lessThanOrEqual": "6.5.5"
}
],
"defaultStatus": "unaffected"
}
]References
plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L39
plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Providers/FileEditValidator.php#L88
plugins.trac.wordpress.org/changeset/3138710/
www.wordfence.com/threat-intel/vulnerabilities/id/5f29de7a-3f15-4b6d-aad7-6a08151e2113?source=cve
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
SSVC
Exploitation
none
Automatable
yes
Technical Impact
total