Platform
wordpress
Component
mailster
Fixed in
4.0.7
CVE-2024-32523 identifies a Path Traversal vulnerability within EverPress Mailster, allowing for PHP Local File Inclusion. This flaw enables attackers to potentially access and include arbitrary files on the server, leading to sensitive data exposure or even remote code execution. The vulnerability impacts Mailster versions up to 4.0.6, and a patch is available in version 4.0.7.
The core of this vulnerability lies in the improper handling of file paths within Mailster. An attacker can craft malicious requests that manipulate the pathname, bypassing intended restrictions and accessing files outside the designated directory. Successful exploitation could allow an attacker to read sensitive configuration files, source code, or even execute arbitrary PHP code if the included file is writable. This could lead to complete compromise of the WordPress instance and potentially the underlying server, depending on the permissions and configuration of the web server environment. The potential for remote code execution significantly elevates the risk associated with this vulnerability.
CVE-2024-32523 was publicly disclosed on 2024-05-17. As of this writing, there are no publicly available Proof-of-Concept (PoC) exploits. The vulnerability is not currently listed on the CISA KEV catalog. The probability of exploitation is considered medium, given the relatively straightforward nature of path traversal vulnerabilities and the potential for automated scanning and exploitation.
WordPress websites utilizing the Mailster plugin, particularly those running versions 4.0.6 or earlier, are at risk. Shared hosting environments where users have limited control over server configurations are especially vulnerable, as are sites with legacy configurations that haven't been regularly updated.
• wordpress / composer / npm:
  grep -r "../" /var/www/html/wp-content/plugins/mailster/*
• generic web:
  curl -I 'http://your-wordpress-site.com/wp-content/plugins/mailster/../../../../etc/passwd'
• wordpress / composer / npm:
  wp plugin list --status=inactive | grep mailster
• wordpress / composer / npm:
  wp plugin update mailster --all
Disclosure
Exploit status
EPSS
29.03% (97th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2024-32523 is to immediately upgrade Mailster to version 4.0.7 or later. If upgrading is not immediately feasible due to compatibility concerns or breaking changes, consider implementing a temporary workaround by restricting file access permissions on the WordPress server. Specifically, ensure that the web server user has minimal privileges and cannot write to directories containing sensitive files. Additionally, implement a Web Application Firewall (WAF) rule to block requests containing path traversal sequences (e.g., ../). Monitor access logs for suspicious activity, particularly requests containing unusual file paths.
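The following Python is an added example and is not code from this advisory or from the Mailster project. It serves two points made above: the path-handling defect class (a user-supplied name joined onto a directory with no check that the result stays inside it, beside a containment check that decodes, normalizes and verifies the resolved path) and the log monitoring recommended as a mitigation (the same decode-and-match logic a WAF rule for `../` sequences would need, run over constructed access-log lines). The template directory, the `tpl` parameter, the IP addresses and every log line are assumptions made up for illustration; the real Mailster code path is not taken from the page.

```python
import posixpath
import re
from collections import Counter
from typing import Dict, List, Optional
from urllib.parse import unquote

# Assumed plugin sub-directory, for illustration only.
TEMPLATE_DIR = "/var/www/html/wp-content/plugins/mailster/templates"


def decode_fully(value: str, rounds: int = 3) -> str:
    """Undo one or more layers of URL encoding (%2e%2e%2f, %252e...) so
    encoded traversal sequences are compared in their plain form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def build_path_unchecked(base_dir: str, requested: str) -> str:
    """The defect class: concatenation with no containment check."""
    return base_dir + "/" + requested


def resolve_within(base_dir: str, requested: str) -> Optional[str]:
    """Return the normalized path if it lies inside base_dir, else None.
    Pure string check; on a live system also pass the result through
    os.path.realpath() so symlinks cannot escape the directory."""
    decoded = decode_fully(requested)
    if "\x00" in decoded:          # NUL truncates paths in C-based APIs
        return None
    decoded = decoded.replace("\\", "/")
    base = posixpath.normpath(base_dir)
    # join() drops base when `decoded` is absolute; the prefix test below
    # then rejects such requests as well.
    candidate = posixpath.normpath(posixpath.join(base, decoded))
    if candidate != base and not candidate.startswith(base + "/"):
        return None
    return candidate


# Constructed combined-log lines (documentation IP ranges, made-up requests).
SAMPLE_LOG = """\
203.0.113.5 - - [17/May/2024:10:01:02 +0000] "GET /wp-content/plugins/mailster/index.php HTTP/1.1" 200 512
203.0.113.5 - - [17/May/2024:10:01:09 +0000] "GET /wp-content/plugins/mailster/../../../../etc/passwd HTTP/1.1" 404 233
198.51.100.7 - - [17/May/2024:10:02:41 +0000] "GET /wp-content/plugins/mailster/?tpl=..%2F..%2Fwp-config.php HTTP/1.1" 200 1904
198.51.100.7 - - [17/May/2024:10:02:45 +0000] "GET /wp-content/plugins/mailster/?tpl=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 200 1904
192.0.2.9 - - [17/May/2024:10:03:00 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 48
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
# A ".." segment followed by a separator, a query start or end of string,
# evaluated on the decoded request target (path and query string).
TRAVERSAL_RE = re.compile(r'\.\.(?:[/\\]|\?|$)')


def is_traversal(target: str) -> bool:
    decoded = decode_fully(target)
    return bool(TRAVERSAL_RE.search(decoded)) or "\x00" in decoded


def scan_access_log(text: str) -> List[Dict[str, str]]:
    """Return one record per request whose decoded target contains a
    traversal sequence; status is kept so 200s can be prioritized."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal(m.group("target")):
            hits.append({"ip": m.group("ip"), "time": m.group("ts"),
                         "status": m.group("status"),
                         "target": m.group("target"),
                         "decoded": decode_fully(m.group("target"))})
    return hits


def hits_by_ip(hits: List[Dict[str, str]]) -> Counter:
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    for name in ("newsletter.html", "../../../../etc/passwd",
                 "..%2F..%2Fwp-config.php"):
        print(f"{name!r:30} unchecked={build_path_unchecked(TEMPLATE_DIR, name)}")
        print(f"{'':30} contained={resolve_within(TEMPLATE_DIR, name)}")
    found = scan_access_log(SAMPLE_LOG)
    for h in found:
        print(f'{h["ip"]:14} {h["status"]} {h["decoded"]}')
    print(hits_by_ip(found))
```

In the constructed sample the bare `../` in the URL path is answered with a 404 because the web server normalizes the path before routing, whereas the encoded sequences carried in a query parameter reach the application and return 200; those are the entries to triage first, and the per-IP count is a quick way to spot scanning.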
Update the Mailster plugin to a version later than 4.0.6. This fixes the unauthenticated local file inclusion vulnerability. You can update the plugin directly from the WordPress admin dashboard.
CVE-2024-32523 is a Path Traversal vulnerability in Mailster allowing attackers to include arbitrary files, potentially leading to sensitive data exposure or remote code execution.
Yes, if you are using Mailster version 4.0.6 or earlier, you are affected by this vulnerability.
Upgrade Mailster to version 4.0.7 or later. If immediate upgrade is not possible, implement temporary workarounds like restricting file access and using a WAF.
There is currently no indication of active exploitation campaigns, but the vulnerability's nature suggests a PoC may emerge.
Refer to the EverPress website and WordPress plugin repository for the official advisory and update information.