virus logo Intrusion Prevention

SPIP.form.CVE-2023-27372.PHP.Injection

description-logoDescription

This indicates an attack attempt to exploit a Remote PHP Code Injection vulnerability in SPIP.
The vulnerability is due to insufficient validation error when handling an crafted HTTP upload. An unauthenticated remote attacker may be able to exploit this to execute remote code within the context of the target system.

affected-products-logoAffected Products

SPIP version 4.2.0 and prior
SPIP version 4.0.0 to version 4.0.9
SPIP version 4.1.0 to version 4.1.7
SPIP version prior to version 3.2.18

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the latest patch or update from the vendor.
https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-2-1-SPIP-4-1-8-SPIP-4-0-10-et.html
https://git.spip.net/spip/spip/commit/5aedf49b89415a4df3eb775eee3801a2b4b88266
https://git.spip.net/spip/spip/commit/96fbeb38711c6706e62457f2b732a652a04a409d

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-06-07 24.572
Modified
 Default_action:pass:drop
2023-05-29 23.563
New
ID 52887
Created Apr 24, 2023
Updated Jun 06, 2023
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 93.12%
Default Action drop
Active
Affected OS Linux, BSD
Affected App PHP_app
Profile Type Code Injection