CVE-2023-25828 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-25828 PUBLISHED CVSS 8.600000381469727 HIGH

Pluck CMS is vulnerable to an authenticated remote code execution (RCE) vulnerability through its “albums” module. Albums are used to create collections of images that can be inserted into web pages across the site. Albums allow the upload of various filetypes, which undergo a normalization process before being available on the site. Due to lack of file extension validation, it is possible to upload a crafted JPEG payload containing an embedded PHP web-shell. An attacker may navigate to it directly to achieve RCE on the underlying web server. Administrator credentials for the Pluck CMS web interface are required to access the albums module feature, and are thus required to exploit this vulnerability. CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C (8.2 High)

EPSS 0.68% · 71.4th percentile

Risk Scores

CVSS v4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.68%

71.4th percentile

Affected Products

Vendor	Product	Versions
pluck-cms	pluck	0, 4.7.16, 4.7.16
Pluck	pluck-cms	4.7

Timeline

Mar 27, 2023 CVE Published
Mar 28, 2023 EPSS Score
May 5, 2023 EPSS Score
Jun 11, 2023 EPSS Score
Aug 26, 2023 EPSS Score
Oct 2, 2023 EPSS Score
Nov 9, 2023 EPSS Score
Dec 17, 2023 EPSS Score
Jan 23, 2024 EPSS Score
Apr 8, 2024 EPSS Score
May 15, 2024 EPSS Score
Jun 22, 2024 EPSS Score

References

Open in Interactive Console →