Description

The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Code Execution in the Install and Uninstall Plugin components of the Admin panel, because it does not sanitize the plugin name, and attackers can inject arbitrary shell commands to be executed by the execa function.

Remediation

References

http://packetstormsecurity.com/files/163940/Strapi-3.0.0-beta.17.7-Remote-Code-Execution.html

http://packetstormsecurity.com/files/163950/Strapi-CMS-3.0.0-beta.17.4-Remote-Code-Execution.html

https://bittherapy.net/post/strapi-framework-remote-code-execution/

https://github.com/strapi/strapi/pull/4636

Related Vulnerabilities

CVE-2022-4135 Vulnerability in npm package electron

CVE-2023-47324 Vulnerability in maven package org.silverpeas.core:silverpeas-core-api

CVE-2018-16492 Vulnerability in npm package extend

CVE-2022-31129 Vulnerability in maven package org.webjars.bower:momentjs

CVE-2023-50102 Vulnerability in maven package com.jfinal:jfinal

Severity

High

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory VDB Entry Patch