CVE-2018-17207

CRITICAL EXPLOITED NUCLEI LAB

Snap Creek Duplicator <1.2.42 - Code Injection

Title source: llm

Description

An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution.

Exploits (2)

nomisec WORKING POC

by cved-sources · poc

https://github.com/cved-sources/cve-2018-17207

View Code ZIP pw:eip

metasploit WORKING POC MANUAL

by Julien Legras <[email protected]>, Thomas Chauchefoin <[email protected]> · rubypocphp

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/php/wp_duplicator_code_inject.rb

View Code ZIP pw:eip

Nuclei Templates (1)

WordPress Duplicator Plugin < 1.2.42 - Arbitrary Code Execution

CRITICALVERIFIEDby synacktiv,iamnoooob,pdresearch

References (2)

[Vendor Advisory] https://snapcreek.com/duplicator/docs/changelog/?lite

[Exploit, Third Party Advisory] https://www.synacktiv.com/ressources/advisories/WordPress_Duplicator-1.2.40-RCE.pdf

Scores

CVSS v3 9.8

EPSS 0.9123

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull cved/base-wordpress

https://github.com/cved-sources/cve-2018-17207

https://github.com/rapid7/metasploit-framework

View in Library

Details

VulnCheck KEV 2023-02-01

CWE

CWE-94

Status published

Products (1)

awesomemotive/duplicator < 1.2.42

Published Sep 19, 2018

Tracked Since Feb 18, 2026