| Field | Value |
|---|---|
| Title | PluXml 5.8.22 Deserialization Vulnerability |
| Description | PluXml CMS version 5.8.22 and earlier contains a critical backend deserialization vulnerability that allows authenticated attackers to achieve remote code execution. The vulnerability stems from improper handling of user-controlled file parameters in the media management module (core/admin/medias.php), which triggers PHP stream wrapper processing during file operations. By uploading a malicious Phar archive disguised as an image file and then triggering deserialization through the file rename functionality using a phar:// protocol path, attackers can exploit a gadget chain in the bundled Guzzle HTTP library (FileCookieJar::__destruct() → save()) to write arbitrary PHP code to the server, resulting in remote code execution. |
| Source | https://note-hxlab.wetolink.com/share/9SJUnaDcJuqz |
| User | V3geD4g (UID 60725) |
| Submitted | 2025-12-12 08:12 AM (4 months ago) |
| Moderated | 2026-01-02 10:57 AM (21 days later) |
| Status | Accepted |
| VulDB Entry | 339383 [PluXml up to 5.8.22 Media Management core/admin/medias.php __destruct file privilege escalation] |
| Points | 20 |