| Название | Shanghai Zhuozhuo Network Technology Co., LTD dedeCMS <=5.7.2 Command Injection |
|---|
| Описание | Vulnerability Summary: Template Injection Command Execution in dedeCMS 5.7 SP2
Overview
A critical template injection vulnerability exists in dedeCMS version 5.7 SP2 and earlier, allowing authenticated attackers to execute arbitrary system commands.
Affected Software
Vendor: Shanghai Zhuozhuo Network Technology Co., LTD
Software: dedeCMS
Affected Version: ≤ 5.7.2
Vulnerability Details
Type: Template Injection leading to Remote Code Execution
Location: /include/dedetag.class.php
Access Requirement: Requires authentication with admin privileges (default credentials: admin/admin)
Exploitation
The vulnerability can be exploited by accessing the /dede/co_get_corule.php interface with malicious input in the notes parameter:
/dede/co_get_corule.php?notes={dede:");system('calc');///}&job=1
The payload needs to be accessed twice for successful command execution
The example demonstrates execution of the calc command (calculator), but could be replaced with any system command
Impact
Successful exploitation allows attackers to:
Execute arbitrary system commands on the server
Potentially gain complete control of the affected system
Perform various malicious activities depending on server permissions
Verification
The vulnerability can be verified by observing successful execution of the injected command (in the PoC case, launching the calculator application).
Recommendation
Users should immediately update to a patched version of dedeCMS or apply appropriate security measures to restrict access to vulnerable components. |
|---|
| Источник | ⚠️ https://github.com/jujubooom/CVE/issues/1 |
|---|
| Пользователь | Ewoji (UID 86574) |
|---|
| Представление | 13.06.2025 15:42 (10 месяцы назад) |
|---|
| Модерация | 19.06.2025 12:18 (6 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 313331 [DedeCMS до 5.7.2 Template dedetag.class.php notes эскалация привилегий] |
|---|
| Баллы | 20 |
|---|