一、 漏洞 CVE-2024-12209 基础信息
漏洞信息
# WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - 无需认证的本地文件包含漏洞
## 漏洞概述
WP Umbrella: Update Backup Restore & Monitoring 插件存在本地文件包含漏洞,攻击者可通过该漏洞执行任意PHP代码,绕过访问控制,获取敏感数据或实现代码执行。
## 影响版本
所有版本直至包括2.17.0
## 漏洞细节
攻击者通过 `umbrella-restore` 操作中的 `filename` 参数触发本地文件包含漏洞。此漏洞允许未授权攻击者包含并执行服务器上的任意文件,进而执行其中的PHP代码。
## 影响
攻击者可以利用此漏洞:
- 绕过访问控制
- 获取敏感数据
- 实现代码执行(在可以通过上传并包含图片和其他“安全”文件类型的情况下)
提示
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
漏洞描述信息
CVSS信息
漏洞类别
漏洞标题
漏洞描述信息
CVSS信息
漏洞类别
二、漏洞 CVE-2024-12209 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | WP Umbrella: Update Backup Restore & Monitoring <= 2.17.0 - Unauthenticated Local File Inclusion | https://github.com/RandomRobbieBF/CVE-2024-12209 | POC详情 |
| 2 | Unauthenticated Local File Inclusion | https://github.com/Nxploited/CVE-2024-12209 | POC详情 |
| 3 | The WP Umbrella: Update Backup Restore & Monitoring plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.17.0 via the 'filename' parameter of the 'umbrella-restore' action. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-12209.yaml | POC详情 |
三、漏洞 CVE-2024-12209 的情报信息
-
标题: ERROR: The request could not be satisfied -- 🔗来源链接
标签:
-
标题: RestoreRouter.php in wp-health/tags/v2.16.4/src/Actions – WordPress Plugin Repository -- 🔗来源链接
标签:
-
标题: Changeset 3202883 for wp-health – WordPress Plugin Repository -- 🔗来源链接
标签:
- https://nvd.nist.gov/vuln/detail/CVE-2024-12209