Platform
wordpress
Component
advanced-access-manager
Fixed version
5.9.9
CVE-2019-25213 is an unauthenticated Arbitrary File Read vulnerability affecting the Advanced Access Manager plugin for WordPress. This vulnerability allows attackers to read any file on the server, potentially exposing sensitive information like database credentials. It impacts versions of the plugin up to and including 5.9.8.1; a fix is available in version 5.9.9.
The primary impact of CVE-2019-25213 is the potential for unauthorized access to sensitive files on the web server. An attacker can exploit this vulnerability by crafting a request whose aam-media parameter value is used to open a file without proper validation. Successful exploitation allows the attacker to read any file accessible to the web server process, including the wp-config.php file, which contains database credentials, API keys, and other critical configuration data. Compromise of wp-config.php could lead to complete website takeover, data breaches, and further malicious activity. This vulnerability is particularly concerning because it requires no authentication, making it easily exploitable by a wide range of attackers.
CVE-2019-25213 was publicly disclosed on 2019-12-16. While no active exploitation campaigns have been definitively linked to this specific CVE, the ease of exploitation and the potential for significant impact make it a persistent risk. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are readily available, increasing the likelihood of opportunistic attacks.
WordPress websites utilizing the Advanced Access Manager plugin, particularly those running versions prior to 5.9.9, are at significant risk. Shared hosting environments are especially vulnerable as they often have limited control over server file permissions and plugin updates. Websites with legacy configurations or those that haven't implemented robust security practices are also more susceptible to exploitation.
• wordpress / composer / npm:
grep -r 'aam-media' /var/www/html/wp-content/plugins/
• generic web:
curl -I 'http://your-wordpress-site.com/wp-content/plugins/advanced-access-manager/aam-media?aam-media=../../../../wp-config.php'
• wordpress / composer / npm:
wp plugin list | grep 'advanced-access-manager'
• wordpress / composer / npm:
find /var/www/html/wp-content/plugins/ -name 'advanced-access-manager.php' -print
Disclosure
public report
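The commands above locate the plugin and show its version; the remaining step is to decide whether that version is older than the fix. As an added example (not part of this advisory and not the plugin's own code), the Python below parses the Version: line of a WordPress plugin header and compares it numerically against 5.9.9, which avoids the string-comparison mistake of treating 5.10.0 as older than 5.9.9. The header text is constructed for the example, and check_plugin_file is a hypothetical helper for running the same check against a real plugin file.

```python
import re
from typing import Optional, Tuple

# Version in which the advisory says the bug is fixed; anything older is affected.
FIXED_VERSION = "5.9.9"

# Constructed WordPress plugin header (not the real plugin's file); only the
# "Version:" line matters for the check.
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: Advanced Access Manager
 * Description: header constructed for this example
 * Version: 5.9.8.1
 * Author: example
 */
"""

# Plugin headers are "Key: value" lines near the top of the main file,
# usually inside a block comment, so allow an optional leading "*".
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", re.MULTILINE | re.IGNORECASE)


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Return the Version: value from a plugin header, or None if absent."""
    match = _VERSION_RE.search(header_text)
    return match.group(1).rstrip(".") if match else None


def version_tuple(version: str) -> Tuple[int, ...]:
    """'5.9.8.1' -> (5, 9, 8, 1): compare numerically, so 5.10.0 sorts after 5.9.9."""
    return tuple(int(part) for part in version.split("."))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is older than the fixed version."""
    return version_tuple(version) < version_tuple(fixed)


def check_plugin_file(path: str) -> Tuple[Optional[str], bool]:
    """Hypothetical helper: read a plugin's main file and report (version, vulnerable)."""
    with open(path, encoding="utf-8", errors="replace") as fh:
        version = parse_plugin_version(fh.read(8192))  # the header sits at the top of the file
    return version, (version is not None and is_vulnerable(version))


if __name__ == "__main__":
    found = parse_plugin_version(SAMPLE_PLUGIN_HEADER)
    print(found, "vulnerable" if found and is_vulnerable(found) else "not vulnerable")
```

Point check_plugin_file at the plugin's main file under wp-content/plugins/ to run the same comparison on a live install.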
Exploitation status
EPSS
46.13% (98th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2019-25213 is to immediately upgrade the Advanced Access Manager plugin to version 5.9.9 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing a temporary workaround by restricting access to the vulnerable endpoint using a web application firewall (WAF) or proxy server. Specifically, block requests to the aam-media parameter with invalid or unexpected values. Regularly review file permissions on the server to ensure that sensitive files are not accessible by the web server process. After upgrading, confirm the fix by attempting to access the vulnerable endpoint with a crafted request; the server should return an error indicating access is denied.
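The WAF or proxy workaround described above comes down to one rule: the aam-media parameter must be a plain relative path, with no traversal segments and no absolute root. As an added example (not code from this advisory or from the plugin), the Python below implements that rule and runs it over access-log lines so that past requests can be triaged after the upgrade; the log lines, IP addresses (documentation ranges) and the normalize, is_suspicious_media_value and scan_log function names are all constructed for this example.

```python
import re
from typing import List, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed access-log lines in combined log format; the addresses are from
# documentation ranges and none of this is real traffic.
SAMPLE_LOG_LINES = [
    '203.0.113.5 - - [16/Dec/2019:10:00:01 +0000] "GET /wp-content/plugins/advanced-access-manager/aam-media?aam-media=../../../../wp-config.php HTTP/1.1" 200 3120 "-" "curl/7.64.0"',
    '203.0.113.5 - - [16/Dec/2019:10:00:02 +0000] "GET /?aam-media=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1800 "-" "curl/7.64.0"',
    '198.51.100.7 - - [16/Dec/2019:10:00:03 +0000] "GET /?aam-media=%252e%252e%252fwp-config.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [16/Dec/2019:10:00:04 +0000] "GET /?aam-media=2019/12/logo.png HTTP/1.1" 200 5400 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [16/Dec/2019:10:00:05 +0000] "GET /wp-login.php HTTP/1.1" 200 2200 "-" "Mozilla/5.0"',
]

_REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def normalize(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable (bounded) so double-encoded input is seen the way
    the server eventually sees it, and treat backslashes as path separators."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def is_suspicious_media_value(value: str) -> bool:
    """The rule a WAF or proxy would apply: the parameter must be a plain relative
    path with no '..' segment, no absolute root and no null byte."""
    v = normalize(value)
    if ".." in v.split("/"):
        return True
    if v.startswith("/") or re.match(r"^[A-Za-z]:/", v):
        return True
    if "\x00" in v:
        return True
    return False


def scan_log(lines: List[str]) -> List[Tuple[str, str, int, str]]:
    """Return (ip, timestamp, status, decoded value) for every request whose
    aam-media parameter fails the rule above. A 200 status on such a request
    means the file was probably served and the host needs follow-up."""
    hits = []
    for line in lines:
        m = _REQUEST_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("target")).query
        # parse_qs already percent-decodes once; normalize() handles further layers
        for raw in parse_qs(query, keep_blank_values=True).get("aam-media", []):
            if is_suspicious_media_value(raw):
                hits.append((m.group("ip"), m.group("ts"), int(m.group("status")), raw))
    return hits


if __name__ == "__main__":
    for ip, ts, status, value in scan_log(SAMPLE_LOG_LINES):
        print(f"{ts} {ip} status={status} aam-media={value!r}")
```

The same is_suspicious_media_value predicate is what a WAF rule should express: allow-list the shape of a valid value rather than block-list specific payload strings, and decode repeatedly before checking so that encoded variants do not slip past. Any hit with a 200 status in the log is a reason to rotate the credentials stored in wp-config.php.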
Update the Advanced Access Manager plugin to version 5.9.9 or later. This version contains the security fix that prevents arbitrary file reads. The update can be performed directly from the WordPress admin dashboard.
CVE-2019-25213 is a critical vulnerability in the Advanced Access Manager WordPress plugin allowing unauthenticated attackers to read any file on the server, including sensitive configuration files.
You are affected if you are using Advanced Access Manager version 5.9.9 or earlier. Immediately check your plugin version and upgrade if necessary.
Upgrade the Advanced Access Manager plugin to version 5.9.9 or later. As a temporary workaround, restrict access to the vulnerable endpoint using a WAF or proxy server.
While no confirmed active campaigns are publicly known, the ease of exploitation and availability of PoCs suggest a risk of opportunistic attacks.
Refer to the Advanced Access Manager plugin documentation and website for the latest security advisories and updates: https://advancedaccessmanager.com/