Description

The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.

Remediation

References

http://packetstormsecurity.com/files/163940/Strapi-3.0.0-beta.17.7-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Code-Execution.html

https://bittherapy.net/post/strapi-framework-remote-code-execution/

https://github.com/strapi/strapi/pull/4636

Related Vulnerabilities

CVE-2019-15952 Vulnerability in npm package total.js

CVE-2020-26272 Vulnerability in npm package electron

CVE-2021-34083 Vulnerability in npm package google-it

CVE-2020-25689 Vulnerability in maven package org.wildfly.core:wildfly-protocol

CVE-2021-23384 Vulnerability in npm package koa-remove-trailing-slashes

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry Patch