


Example analysis of vBulletin 5.x remote code execution vulnerability
vBulletin##Component##IntroductionvBulletin is the global leader in forum and community publishing software. Its security, powerful management functions and speed, and its ability to serve more than 40,000 online communities are highly favored by customers. Many large forums have chosen vBulletin as their community. From the customer list displayed on the official website of vBulletin, we can know that the famous game production company EA, the famous game platform Steam, Japan's large multinational company Sony, and the United States NASA are all its customers. vBulletin is efficient, stable and safe. In China There are also many large customers, such as Hummingbird.com, 51 Group Buying, Ocean Tribe and other online forums with tens of thousands of people using vBulletin.
Vulnerability descriptionOn August 11, 2020, the Sangfor security team tracked a remote code execution vulnerability in vBulletin 5.x version 0-day information. This 0-day vulnerability is a bypass of the vBulletin CVE-2019-16759 vulnerability patch in 2019. The vulnerability is rated as high risk. This vulnerability affects all versions of the vBulletin 5.x series, and the official has not fixed the vulnerability and provided a solution. Remote attackers can execute arbitrary code, control the target server or steal sensitive user information through carefully constructed malicious parameters.
Vulnerability ReproductionBy reproducing the vulnerability in vBulletin 5.x version, execute the echo command, the effect is as shown below:
Scope of influenceIt can be known from the cyberspace search engine that on a global scale, open to the Internet There are nearly 30,000 vBulletin websites, many of which are international community forums maintained by large international companies, so the impact of this vulnerability is large.
The currently affected version is:
vBulletin 5.x, that is, all versions of the vBulletin 5 series are affected.
Repair Suggestions
##vBulletin has not officially fixed this vulnerability. Users affected by this vulnerability are advised to pay attention to the vBulletin official website. Get the latest fix: https://www.vbulletin.com/- Temporary solution: vBulletin owners can prevent exploitation by making the following changes to the forum's settings:
- Click "Settings" in the left menu and click the drop-down "Options"
- Select "General Settings" in the menu, then click "Edit Settings"
- Look for "Disable PHP, Static HTML , and Ad Module rendering"", set to "YES", and then save.
The above is the detailed content of Example analysis of vBulletin 5.x remote code execution vulnerability. For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

WebStorm Mac version
Useful JavaScript development tools

Dreamweaver Mac version
Visual web development tools

PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool

MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

Zend Studio 13.0.1
Powerful PHP integrated development environment