vendor:
TWiki
by:
George Clark, juan vazquez
7,5
CVSS
HIGH
Remote Command Execution
78
CWE
Product Name: TWiki
Affected Version From: TWiki 5.1.2
Affected Version To: TWiki 5.1.2
Patch Exists: YES
Related CWE: CVE-2012-6329
CPE: a:twiki:twiki
Metasploit:
https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-0685/, https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2013-1667/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-0746/, https://www.rapid7.com/db/vulnerabilities/oracle-solaris-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/ibm-aix-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2012-6329/, https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2012-5195/, https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2012-5526/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Unix
2012
TWiki MAKETEXT Remote Command Execution
This module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl 'eval' command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set).
Mitigation:
Disable user interface localization or upgrade to the latest version of TWiki.
