
Spitfire CMS 1.0.475 (cms_backup_values) PHP Object Injection

High
Advisory ID: ZSL-2022-5720
Release Date: 09 December 2022
Vendor:
Affected Version: 1.0.475
Tested On: nginx
Summary

Spitfire is a system to manage the content of webpages.

Description

The application is prone to a PHP Object Injection vulnerability due to the unsafe use of the unserialize() function. An authenticated attacker could exploit this vulnerability by sending specially crafted requests to the web application containing malicious serialized input.
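The unsafe pattern the advisory describes, placed beside a hardened form, as an added illustration that is not Spitfire CMS's own code: the `cms_backup_values` name comes from the advisory title, while the handler functions and the expected data shape are assumptions.

```php
<?php
// Added illustration, not Spitfire CMS source. The parameter name
// cms_backup_values is taken from the advisory title; the function names and
// the expected shape of a backup (flat array of scalars) are assumptions.

// Unsafe: any PHP class with a magic method (__wakeup, __destruct, ...) can be
// instantiated straight from the request body, which is what makes object
// injection possible.
function restore_backup_values_unsafe(string $raw): array
{
    $values = unserialize($raw);
    return is_array($values) ? $values : [];
}

// Hardened: the serialized form is still accepted, but no class may be
// instantiated (allowed_classes => false yields __PHP_Incomplete_Class, which
// has no magic methods to trigger), and the result is validated against the
// expected scalar shape before it is used.
function restore_backup_values_safe(string $raw): array
{
    $values = @unserialize($raw, ['allowed_classes' => false]);
    if (!is_array($values)) {
        return [];
    }
    $clean = [];
    foreach ($values as $key => $value) {
        if (is_string($key) && preg_match('/^[a-z0-9_]{1,64}$/', $key) && is_scalar($value)) {
            $clean[$key] = $value;
        }
    }
    return $clean;
}

// Preferred where the storage format can be changed: JSON cannot express PHP
// objects at all, so there is nothing for unserialize() gadgets to hook into.
function restore_backup_values_json(string $raw): array
{
    $values = json_decode($raw, true, 8, JSON_THROW_ON_ERROR);
    return is_array($values) ? $values : [];
}

// Constructed sample input: a plain array as a backup feature would store it.
$sample = serialize(['site_title' => 'Example', 'items_per_page' => 20]);
var_dump(restore_backup_values_safe($sample));          // both keys survive

// A serialized object is what must never reach an unrestricted unserialize();
// with allowed_classes => false it is not an array, so the guard returns [].
var_dump(restore_backup_values_safe('O:8:"stdClass":0:{}'));
```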

Proof of Concept
Disclosure Timeline
28.09.2022 - Vulnerability discovered.
28.09.2022 - Vendor contacted.
08.12.2022 - No response from the vendor.
09.12.2022 - Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
09.12.2022 - Initial release
10.12.2022 - Added reference [1]
14.12.2022 - Added reference [2]
10.02.2023 - Added references [3], [4], [5] and [6]
10.04.2023 - Added reference [7]