VDB-165300 · CVE-2020-15929 · 49077

Ortus TestBox up to 4.1.0 Query String HTMLRunner.cfm command injection

A vulnerability was found in Ortus TestBox up to 4.1.0. It has been classified as critical. Affected is some unknown functionality of the file system/runners/HTMLRunner.cfm of the component Query String Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	11/24/2020 10:34 AM	12/10/2020 09:31 AM	12/10/2020 09:34 AM
vendor	Ortus	Ortus	Ortus
name	TestBox	TestBox	TestBox
version	<=4.1.0	<=4.1.0	<=4.1.0
component	Query String Handler	Query String Handler	Query String Handler
file	system/runners/HTMLRunner.cfm	system/runners/HTMLRunner.cfm	system/runners/HTMLRunner.cfm
cvss3_vuldb_av	N	N	N
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_e	P	P	P
identifier	49077	49077	49077
url	https://www.exploit-db.com/exploits/49077	https://www.exploit-db.com/exploits/49077	https://www.exploit-db.com/exploits/49077
availability	1	1	1
publicity	1	1	1
url	https://www.exploit-db.com/exploits/49077	https://www.exploit-db.com/exploits/49077	https://www.exploit-db.com/exploits/49077
cve	CVE-2020-15929	CVE-2020-15929	CVE-2020-15929
exploitdb	49077	49077	49077
date	1606172400 (11/24/2020)	1606172400 (11/24/2020)	1606172400 (11/24/2020)
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_e	POC	POC	POC
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_rl	ND	ND	ND
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_rl	X	X	X
cvss3_vuldb_rc	X	X	X
cvss2_vuldb_basescore	6.0	6.0	6.0
cvss2_vuldb_tempscore	5.4	5.4	5.4
cvss3_vuldb_basescore	6.3	6.3	6.3
cvss3_vuldb_tempscore	6.0	6.0	6.0
cvss3_meta_basescore	6.3	6.3	8.0
cvss3_meta_tempscore	6.0	6.0	7.6
price_0day	$0-$5k	$0-$5k	$0-$5k
cve_assigned		1595541600	1595541600
cve_nvd_summary		In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution.	In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution.
cwe	0	0	77 (privilege escalation)
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss2_nvd_basescore			7.5
cvss3_nvd_basescore			9.8

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!