CVE-2017-7981
Severity CVSS v4.0:
Pending analysis
Type:
CWE-78
OS Command Injection
Publication date:
29/04/2017
Last modified:
20/04/2025
Description
Tuleap before 9.7 allows command injection via the PhpWiki 1.3.10 SyntaxHighlighter plugin. This occurs in the Project Wiki component because the proc_open PHP function is used within PhpWiki before 1.5.5 with a syntax value in its first argument, and an authenticated Tuleap user can control this value, even with shell metacharacters, as demonstrated by a '
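To make the defect concrete, the block below is an added illustration, not PhpWiki's or Tuleap's actual source: the vulnerable pattern the description refers to (a user-controlled syntax name interpolated into the first argument of proc_open(), which runs a string command through /bin/sh) beside a hardened version that allow-lists the value and passes argv as an array so no shell is involved. The `highlight` binary, its `--syntax`/`--fragment` flags and the allow-list contents are assumptions chosen for the example.

```php
<?php
declare(strict_types=1);

// Added illustration of the CWE-78 pattern behind this CVE. This is NOT the
// PhpWiki or Tuleap source; "highlight" and its flags are assumed stand-ins
// for whatever external highlighter the SyntaxHighlighter plugin invokes.

/**
 * Run a command with proc_open(), feeding $stdin and returning stdout.
 * $cmd may be a string (executed through /bin/sh) or, on PHP >= 7.4,
 * an argv array (executed directly, with no shell involved).
 */
function run_highlighter($cmd, string $stdin): string
{
    $descriptors = [
        0 => ['pipe', 'r'],  // child's stdin
        1 => ['pipe', 'w'],  // child's stdout
        2 => ['pipe', 'w'],  // child's stderr
    ];
    $proc = proc_open($cmd, $descriptors, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('failed to start highlighter');
    }
    fwrite($pipes[0], $stdin);
    fclose($pipes[0]);
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    proc_close($proc);
    return $out;
}

// VULNERABLE: the syntax name taken from the wiki page body is interpolated
// into a shell command string. A string command runs via /bin/sh, so a value
// such as  php; id  ends the "highlight" command and runs "id" as the web
// server user; any authenticated wiki editor could supply it.
function highlight_vulnerable(string $source, string $syntax): string
{
    $cmd = "highlight --syntax=$syntax --fragment";
    return run_highlighter($cmd, $source);
}

// HARDENED: (1) allow-list the syntax name against a fixed set, and
// (2) pass argv as an array so no shell parses the arguments at all.
// On PHP < 7.4, which lacks array support in proc_open(), wrap every
// argument in escapeshellarg() instead; keep the allow-list regardless.
const ALLOWED_SYNTAXES = ['php', 'python', 'c', 'sql', 'sh', 'html'];

function highlight_hardened(string $source, string $syntax): string
{
    if (!in_array($syntax, ALLOWED_SYNTAXES, true)) {
        throw new InvalidArgumentException('unsupported syntax: ' . $syntax);
    }
    $cmd = ['highlight', '--syntax=' . $syntax, '--fragment'];
    return run_highlighter($cmd, $source);
}

// Constructed demonstration inputs (not taken from the advisory).
$source = "<?php echo 'hi'; ?>\n";
$attackerSyntax = 'php; id'; // shell metacharacter ';' supplied via the page

// highlight_vulnerable($source, $attackerSyntax) would execute "id".
try {
    highlight_hardened($source, $attackerSyntax);
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), "\n";
}
```

When auditing a PHP code base for this class of bug, look for proc_open(), exec(), shell_exec(), system(), popen() and backtick operators whose command string contains an interpolated variable; an array argv (PHP 7.4+) or escapeshellarg() on every argument, combined with a strict allow-list for values that select a program mode, removes the shell from the path entirely.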
Impact
| Metric | Base score | Severity |
|---|---|---|
| CVSS 3.x | 8.8 | HIGH |
| CVSS 2.0 | 9.0 | HIGH |
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:enalean:tuleap:*:*:*:*:*:*:*:* | 9.7 (excluding) | |
| cpe:2.3:a:phpwiki_project:phpwiki:1.3.10:*:*:*:*:*:*:* | 1.3.10 (exact) | |
References to Advisories, Solutions, and Tools
- https://github.com/xdrr/vulnerability-research/blob/master/webapp/tuleap/2017.04.tuleap-auth-ci.md
- https://tuleap.net/file/shownotes.php?release_id=137#/linked-artifacts
- https://tuleap.net/plugins/tracker/?aid=10159
- https://www.exploit-db.com/exploits/41953/