Description
vBulletin is a widely used proprietary Internet forum software package developed by vBulletin Solutions, Inc., based on PHP and a MySQL database server.
vBulletin contains a vulnerability that allows a remote attacker to include any file from the vBulletin server and execute arbitrary PHP code. An unauthenticated user can send a GET request to /index.php that triggers the file inclusion through the routestring parameter. With a crafted request to a vBulletin server installed on Windows, an attacker can include any file on the web server.
Remediation
At this time there is no solution or workaround for this vulnerability.
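To look for the request described above in web server logs, the following added example (not part of the original advisory) flags GET requests to /index.php whose routestring value looks like a filesystem path rather than a forum route. The combined log format, the sample lines and the path-marker heuristic are assumptions; the advisory does not specify the payload format.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Assumption: legitimate routestring values are forum routes built from
# letters, digits, '-', '_', '.' and '/'. Backslashes, NUL bytes, '..'
# segments and drive letters are treated as filesystem-path markers.
PATH_MARKERS = re.compile(r'\\|\x00|(^|/)\.\.(/|$)|^[A-Za-z]:')

def suspicious_routestring(line):
    """Return the decoded routestring if the line is a GET to /index.php
    whose routestring looks like a filesystem path, otherwise None."""
    m = REQUEST_RE.search(line)
    if not m or m.group("method") != "GET":
        return None
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/index.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    for value in params.get("routestring", []):
        # parse_qs decodes once; decode again to catch double encoding.
        for candidate in (value, unquote(value)):
            if PATH_MARKERS.search(candidate):
                return candidate
    return None

def scan(lines):
    """Return (line_number, routestring) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        value = suspicious_routestring(line)
        if value is not None:
            hits.append((number, value))
    return hits

# Constructed sample log lines (documentation IP range, placeholder paths).
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?routestring=forum/general HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?routestring=..%5C..%5Cexample.txt HTTP/1.1" 200 312',
    '203.0.113.9 - - [01/Jan/2024:10:00:07 +0000] "GET /index.php?routestring=C:%5Cexample%5Cfile.txt HTTP/1.1" 200 298',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "POST /index.php?routestring=ajax/render HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: suspicious routestring {value!r}")
```

A hit is a lead for review, not proof of inclusion; compare the response size and status of flagged requests against normal forum pages.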
Related Vulnerabilities
WordPress Plugin AllWebMenus WordPress Menu 'abspath' Parameter Remote File Include (1.1.3)
WordPress Plugin Extensive VC Addons for WPBakery page builder Local File Inclusion (1.9)
WordPress Plugin OPS Old Post Spinner 'ops_file' Parameter Local File Include (2.2.1)
WordPress Plugin BackWPup Multiple Local File Include Vulnerabilities (1.5.2)