Nette up to 3.0.5 URL Parameter injection

Summaryinfo

A vulnerability was found in Nette up to 3.0.5. It has been rated as critical. This issue affects some unknown processing of the component URL Handler. The manipulation as part of Parameter leads to injection. This vulnerability is referenced as CVE-2020-15227. Remote exploitation of the attack is possible. Furthermore, an exploit is available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Nette up to 3.0.5. This issue affects an unknown function of the component URL Handler. The manipulation as part of a Parameter leads to a injection vulnerability. Using CWE to declare the problem leads to CWE-74. The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. Nette is a PHP/Composer MVC Framework.

The weakness was published 10/01/2020 (GitHub Repository). It is possible to read the advisory at github.com. The identification of this vulnerability is CVE-2020-15227 since 06/25/2020. The exploitation is known to be difficult. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but an exploit is available. The attack technique deployed by this issue is T1055 according to MITRE ATT&CK.

It is declared as attacked.

Upgrading to version 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16 or 3.0.6 eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Name

• Nette

Version

• 2.0.0
• 2.0.1
• 2.0.2
• 2.0.3
• 2.0.4
• 2.0.5
• 2.0.6
• 2.0.7
• 2.0.8
• 2.0.9
• 2.0.10
• 2.0.11
• 2.0.12
• 2.0.13
• 2.0.14
• 2.0.15
• 2.0.16
• 2.0.17
• 2.0.18
• 2.1.0
• 2.1.1
• 2.1.2
• 2.1.3
• 2.1.4
• 2.1.5
• 2.1.6
• 2.1.7
• 2.1.8
• 2.1.9
• 2.1.10
• 2.1.11
• 2.1.12
• 2.2.0
• 2.2.1
• 2.2.2
• 2.2.3
• 2.2.4
• 2.2.5
• 2.2.6
• 2.2.7
• 2.2.8
• 2.2.9
• 2.3.0
• 2.3.1
• 2.3.2
• 2.3.3
• 2.3.4
• 2.3.5
• 2.3.6
• 2.3.7
• 2.3.8
• 2.3.9
• 2.3.10
• 2.3.11
• 2.3.12
• 2.3.13
• 2.4.0
• 2.4.1
• 2.4.2
• 2.4.3
• 2.4.4
• 2.4.5
• 2.4.6
• 2.4.7
• 2.4.8
• 2.4.9
• 2.4.10
• 2.4.11
• 2.4.12
• 2.4.13
• 2.4.14
• 2.4.15
• 3.0.0
• 3.0.1
• 3.0.2
• 3.0.3
• 3.0.4
• 3.0.5

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion