CVE-2015-4119
ISPConfig < 3.0.5.4 - Cross-Site Request Forgery via Admin User Creation
Exploitation Summary
EIP tracks 1 public exploit for CVE-2015-4119. PoCs published by High-Tech Bridge SA.
AI-analyzed exploit summary
The advisory details two vulnerabilities in ISPConfig: an SQL injection (CVE-2015-4118) and a CSRF vulnerability (CVE-2015-4119). The SQL injection allows authenticated users with 'monitor' privileges to execute arbitrary SQL commands, while the CSRF vulnerability enables remote attackers to create administrative accounts by tricking authenticated administrators into visiting a crafted page.
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php.
Exploits (1)