vendor:
Power BB
by:
DigitALL
7.8
CVSS
HIGH
Power BB 1.8.3 Remote File Include
98
CWE
Product Name: Power BB
Affected Version From: Power BB 1.8.3
Affected Version To: Power BB 1.8.3
Patch Exists: YES
Related CWE: CVE-2020-1234
CPE: cpe:a:powerwd:power_bb:1.8.3
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=137254, https://www.infosecmatter.com/nessus-plugin-library/?id=135640, https://www.infosecmatter.com/nessus-plugin-library/?id=94362, https://www.infosecmatter.com/nessus-plugin-library/?id=139006, https://www.infosecmatter.com/nessus-plugin-library/?id=82619, https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/admin/dcerpc/cve_2020_1472_zerologon, https://www.infosecmatter.com/metasploit-module-library/?mm=auxiliary/admin/dcerpc/cve_2021_1675_printnightmare, https://www.infosecmatter.com/nessus-plugin-library/?id=134367, https://www.infosecmatter.com/nessus-plugin-library/?id=124064, https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/http/plex_unpickle_dict_rce
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2020
Power BB 1.8.3 Remote File Include
Power BB 1.8.3 is vulnerable to a remote file include vulnerability due to the use of the $_SERVER['DOCUMENT_ROOT'] variable in the include statement. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable server. The malicious URL contains the path to the attacker's malicious file, which is then included in the vulnerable application. This can lead to remote code execution on the vulnerable server.
Mitigation:
To mitigate this vulnerability, the application should be updated to the latest version of Power BB 1.8.3. Additionally, the application should be configured to use a whitelist of allowed files and directories.
