Platform
php
Component
adminserv
CVE-2020-36637 describes a cross-site scripting (XSS) vulnerability in Chris92de AdminServ. The flaw lets an attacker inject script into a page served by the application, which can compromise the sessions and data of users who view that page. Affected are builds that do not include the fix commit 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. Note that the product is no longer supported by its maintainer, so no packaged release containing the fix should be expected.
Successful exploitation of CVE-2020-36637 allows an attacker to execute arbitrary JavaScript in the browser session of a user of the application. This enables session hijacking, defacement of the application, and theft of information the browser exposes to script, such as non-HttpOnly cookies and authentication tokens held in page content or storage. The injection point is the 'text' argument handled by resources/core/adminserv.php. Because the attack is XSS, its impact is bounded by what the victim's browser session can do: against an administrator of the panel, that can mean full control of everything the panel manages; against an unprivileged user, considerably less.
CVE-2020-36637 was publicly disclosed in December 2022. There is no indication of active exploitation campaigns targeting this vulnerability at this time, and it is not listed in the CISA KEV catalog. Public proof-of-concept exploits are not widely available, which is consistent with the product's discontinued support and small user base rather than with any difficulty in exploiting a reflected XSS.
The primary risk is to organizations still running Chris92de AdminServ that have not migrated to a supported alternative. Shared hosting environments in which several users share one AdminServ instance are at increased risk, since an attacker who can get another user to open a crafted link can act within that user's session.
Quick checks (the repository root is assumed to be /var/www/html, matching the file path used on this page):
• git checkout: confirm the fix commit is an ancestor of the deployed revision
git -C /var/www/html merge-base --is-ancestor 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7 HEAD && echo patched || echo "NOT patched"
• source review: locate where the 'text' argument is read and check that it is HTML-encoded before being output
grep -n "text" /var/www/html/resources/core/adminserv.php
• generic web: send a benign marker and see whether it comes back unencoded (use -s to fetch the body; -I only returns headers and would never show the reflection)
curl -s "http://your-adminserv-url/resources/core/adminserv.php?text=%3Cb%3Ecve36637%3C/b%3E" | grep -c "<b>cve36637</b>"
A count of 1 or more means the markup is reflected verbatim and the page is still vulnerable; 0 means it was encoded, stripped or blocked.
Exploit Status
EPSS
0.25% (48th percentile)
CVSS Vector
The primary mitigation for CVE-2020-36637 is to apply the fix commit 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. As the product is no longer supported there is no packaged release containing it, so you will need to cherry-pick the commit into your deployment or make the equivalent change yourself. If that is not feasible, restrict access to the instance (for example, bind it to a management network or put it behind authentication at the web server) and make sure every user-supplied value, the 'text' argument included, is HTML-encoded at the point of output (in PHP, htmlspecialchars() with ENT_QUOTES and an explicit charset) rather than relying on input filtering alone. A web application firewall can block the obvious payloads but is a stopgap, not a fix: reflected XSS has many encodings and a WAF rule set will not catch them all. After applying the patch or a workaround, verify the fix by requesting the page with a harmless marker such as <b>cve36637</b> in the 'text' argument and confirming the response contains the encoded form (&lt;b&gt;cve36637&lt;/b&gt;) and not the raw tags; check the surrounding context too, since a value reflected inside an attribute or a script block can be exploitable even when angle brackets are encoded.
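The following is an added example, not code from the AdminServ project or from this advisory, that turns the curl check above and the post-patch verification into a small script. It assumes only that the vulnerable endpoint is resources/core/adminserv.php taking a 'text' query parameter, as this page states; the URL, the probe marker and the three sample response bodies are constructed for illustration. It sends a quote-free probe so that the encoded form is the same whether the server uses PHP's htmlspecialchars() default flags or ENT_QUOTES, and classifies the response as raw (vulnerable), encoded (fixed) or absent (stripped or blocked by a WAF, which does not prove the application itself is safe).

```python
"""Reflected-XSS check for the AdminServ 'text' parameter (CVE-2020-36637).

Added example for this advisory; not part of the AdminServ code base.
"""
import html
import sys
import urllib.parse
import urllib.request

# Deliberately contains no quotes or ampersands, so the HTML-encoded form is
# identical under PHP htmlspecialchars() with or without ENT_QUOTES.
MARKER = "cve36637probe"
PAYLOAD = f"<svg onload=alert({MARKER})>"


def classify_reflection(body: str, payload: str = PAYLOAD) -> str:
    """Classify how the probe came back in a response body.

    'raw'     -> payload reflected verbatim: the page is still vulnerable
    'encoded' -> only the HTML-encoded form is present: output encoding works
    'absent'  -> neither form present: value stripped, filtered or blocked
    """
    if payload in body:
        return "raw"
    if html.escape(payload, quote=False) in body:
        return "encoded"
    return "absent"


def build_probe_url(base_url: str, payload: str = PAYLOAD) -> str:
    """Append the probe as the 'text' query argument, URL-encoded."""
    return base_url + "?" + urllib.parse.urlencode({"text": payload})


def check_live(base_url: str, timeout: float = 10.0) -> str:
    """Fetch the page (GET, not HEAD, so the body is returned) and classify it."""
    url = build_probe_url(base_url)
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        body = resp.read().decode("utf-8", errors="replace")
    return classify_reflection(body)


# Constructed sample responses (not captured from a real AdminServ instance):
VULNERABLE_BODY = '<div class="msg">' + PAYLOAD + '</div>'             # unpatched
PATCHED_BODY = '<div class="msg">' + html.escape(PAYLOAD, False) + '</div>'  # after fix
BLOCKED_BODY = "<h1>403 Forbidden</h1>"                                  # WAF in front


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # e.g. python check_xss.py http://your-adminserv-url/resources/core/adminserv.php
        print(check_live(sys.argv[1]))
    else:
        for name, body in (("vulnerable", VULNERABLE_BODY),
                           ("patched", PATCHED_BODY),
                           ("blocked", BLOCKED_BODY)):
            print(f"{name}: {classify_reflection(body)}")
```

An 'absent' result is worth a second look: a WAF or proxy may be swallowing the probe while the application behind it is unchanged, so test from a network path that bypasses the filter, or read the adminserv.php source directly, before declaring the instance fixed.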
Apply the patch provided in commit 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7 to correct the XSS vulnerability. Since the project is unmaintained, consider migrating to a supported alternative or performing a thorough code review to identify and fix other possible vulnerabilities.
CVE-2020-36637 is a cross-site scripting (XSS) vulnerability in Chris92de AdminServ, allowing attackers to inject malicious scripts via the 'text' argument.
You are affected if you run a build of Chris92de AdminServ that does not include commit 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. The product is no longer supported by its maintainer, so no later release fixes this for you.
Apply commit 3ed17dab3b4d6e8bf1c82ddfbf882314365e9cd7. If that is not possible, isolate the instance and HTML-encode all user-supplied data at the point of output.
There is currently no evidence of active exploitation campaigns targeting CVE-2020-36637.
Due to the product being unsupported, an official advisory may not be available. Consult vulnerability databases like NVD for more information.