CVE-2015-8562
HIGH severity · CVSS 7.5 · Improper input validation
7.5CVSS HIGH
Summary
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)98%
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- https://developer.joomla.org/security-centre/630-20151214-core-remote-code-execution-vulnerability.htmlAdvisory
- http://packetstormsecurity.com/files/135100/Joomla-3.4.5-Object-Injection.html
- http://www.rapid7.com/db/modules/exploit/multi/http/joomla_http_header_rce
- http://www.securityfocus.com/archive/1/537219/100/0/threaded
- http://www.securityfocus.com/bid/79195
- http://packetstormsecurity.com/files/134949/Joomla-HTTP-Header-Unauthenticated-Remote-Code-Execution.htmlExploit
- https://blog.sucuri.net/2015/12/remote-command-execution-vulnerability-in-joomla.htmlExploit
- https://www.exploit-db.com/exploits/38977/Exploit