Platform: php
Component: eclass
Fixed in: 2.25.10.2.1
CVE-2019-9886 describes an Arbitrary File Access vulnerability affecting BroadLearning eClass versions up to 2.25.10.2.1. This flaw allows unauthenticated attackers to download arbitrary files from the server, potentially exposing sensitive data. The vulnerability resides in the download_attachment.php script within the templates or home folders. A patch is available in version 2.25.10.2.1.
The impact of CVE-2019-9886 is significant due to the ease of exploitation and the potential for sensitive data exposure. An attacker can leverage this vulnerability to download any file accessible by the webserver process, including configuration files, source code, database backups, and user data. This could lead to complete compromise of the eClass installation and potentially the underlying server. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of threat actors. Successful exploitation could result in data breaches, intellectual property theft, and disruption of educational services.
CVE-2019-9886 was publicly disclosed on July 11, 2019. While no active exploitation campaigns have been definitively confirmed, the ease of exploitation and the critical severity of the vulnerability make it a likely target for opportunistic attackers. No public proof-of-concept (PoC) code has been widely distributed, but the vulnerability is relatively straightforward to exploit, increasing the risk of exploitation. The vulnerability is not currently listed on the CISA KEV catalog.
Educational institutions and organizations utilizing BroadLearning eClass are at significant risk. Specifically, those running older, unpatched versions of eClass (≤2.25.10.2.1) are highly vulnerable. Shared hosting environments where multiple users share the same server instance are also at increased risk, as a compromise of one eClass instance could potentially affect others.
• php: Examine web server access logs for requests to download_attachment.php originating from unusual IP addresses or user agents.
  `grep 'download_attachment.php' /var/log/apache2/access.log | grep -v '127.0.0.1'`
• php: Check for the presence of the download_attachment.php file in the templates and home directories of the eClass installation.
  `find /var/www/html/eclass -name 'download_attachment.php'`
• generic web: Monitor network traffic for HTTP requests containing the download_attachment.php URL.
• generic web: Review eClass configuration files for any unusual or unauthorized access controls related to file downloads.
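The first detection step above (access-log review) can be scripted rather than done with a one-off grep. The following is an added example, not code from the page or from BroadLearning: it parses Apache/nginx combined-format lines, keeps only requests to download_attachment.php from non-loopback sources, and tallies them per source IP and user agent so unusual clients stand out. The log lines embedded below are constructed samples, not real traffic.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Regex for the common Apache/nginx "combined" log layout (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (not real traffic): two download_attachment.php hits from
# one external address, one from loopback, and one unrelated request.
SAMPLE_LOG = """\
192.0.2.10 - - [11/Jul/2019:10:02:13 +0000] "GET /home/download_attachment.php?file=report.pdf HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
127.0.0.1 - - [11/Jul/2019:10:02:20 +0000] "GET /templates/download_attachment.php?file=x HTTP/1.1" 200 12 "-" "curl/7.64.0"
192.0.2.10 - - [11/Jul/2019:10:02:25 +0000] "GET /templates/download_attachment.php?file=y HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
198.51.100.7 - - [11/Jul/2019:10:03:01 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""


def find_download_attachment_hits(log_text, ignore_loopback=True):
    """Return parsed requests whose path hits download_attachment.php.

    Loopback sources are skipped by default, mirroring the `grep -v 127.0.0.1`
    step, since local health checks are usually not of interest.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line; a production tool should count these too
        rec = m.groupdict()
        path_only = rec["path"].split("?", 1)[0]  # ignore the query string
        if "download_attachment.php" not in path_only:
            continue
        if ignore_loopback and ip_address(rec["ip"]).is_loopback:
            continue
        hits.append(rec)
    return hits


def summarize(hits):
    """Count hits per (source IP, user agent) pair for triage."""
    return Counter((h["ip"], h["ua"]) for h in hits)


if __name__ == "__main__":
    for (ip, ua), n in summarize(find_download_attachment_hits(SAMPLE_LOG)).most_common():
        print(f"{n:4d}  {ip:16s}  {ua}")
```

Pipe a real access log into `find_download_attachment_hits` (for example by reading `/var/log/apache2/access.log`) and review the top entries; the status code and requested file are retained in each record for follow-up.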
disclosure
Exploit status
EPSS: 0.47% (65th percentile)
CVSS vector
The primary mitigation for CVE-2019-9886 is to immediately upgrade BroadLearning eClass to version 2.25.10.2.1 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Restrict access to the download_attachment.php file using web application firewall (WAF) rules or proxy configurations to block unauthorized requests. Review file permissions on the server to ensure that only authorized users have access to sensitive files. Monitor access logs for suspicious activity related to the download_attachment.php file. After upgrading, confirm the vulnerability is resolved by attempting to access a sensitive file via the vulnerable URL; access should be denied.
Update the eClass platform to version 2.25.10.2.1 or higher. This update fixes the vulnerability that allows arbitrary files to be downloaded without authentication.
CVE-2019-9886 is a critical vulnerability in BroadLearning eClass versions up to 2.25.10.2.1 that allows attackers to download arbitrary files without authentication.
You are affected if you are using eClass version 2.25.10.2.1 or earlier. Check your version and upgrade immediately.
Upgrade eClass to version 2.25.10.2.1 or later. As a temporary workaround, configure a WAF to block requests to download_attachment.php.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation make it a likely target.
Refer to the BroadLearning security advisory for details: [https://www.broadlearning.org/security-advisories/](https://www.broadlearning.org/security-advisories/)