An unauthenticated malicious actor can execute arbitrary system commands via "functions/ajax_system.php". This has a critical impact on the security of the system, for example
Just wanted to reply and acknowledge that we have seen this. I have tested and reproduced your results. While the chances of an attack on one of these setups are likely slim, we will be looking at ways to address this in a future release. Thanks for your diligence.
This should be corrected/improved. The code inside the PHP file is now wrapped inside a session check to ensure that the user is logged in before it will execute the code. Commit 3f31127 has been applied to the 2.2.x branch.
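For readers who want to see what the fix described above looks like in practice, here is an added illustration of a session guard at the top of an AJAX endpoint. It is example code written for this page, not the project's own code from commit 3f31127, and it assumes the application records login state in `$_SESSION['user_id']` (an assumption; the real key name is not given in the thread). It also shows one further hardening step a practitioner would want even after authentication is enforced: mapping the request to a fixed allowlist of commands rather than building a shell command from request data, so a logged-in user cannot supply arbitrary arguments either.

```php
<?php
// Added example (not the project's code). Guard for an AJAX endpoint that
// previously executed without authentication.

session_start();

// 1. Authentication gate: refuse anything without a logged-in session.
//    Assumption: the app sets $_SESSION['user_id'] at login.
if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'authentication required']);
    exit;
}

// 2. Even for authenticated users, request data must never be concatenated
//    into a shell command. Resolve the request to a fixed allowlist instead;
//    the action names and commands below are constructed for illustration.
$actions = [
    'uptime' => ['/usr/bin/uptime'],
    'disk'   => ['/bin/df', '-h'],
];

$action = $_POST['action'] ?? '';
if (!array_key_exists($action, $actions)) {
    http_response_code(400);
    header('Content-Type: application/json');
    echo json_encode(['error' => 'unknown action']);
    exit;
}

// Every element comes from the allowlist above, so there is nothing
// attacker-controlled in the command line; escapeshellarg is belt-and-braces.
$cmd = implode(' ', array_map('escapeshellarg', $actions[$action]));
$output = shell_exec($cmd);

header('Content-Type: application/json');
echo json_encode(['action' => $action, 'output' => $output]);
```

The session check alone closes the unauthenticated path the report describes; the allowlist addresses the separate question of what an authenticated but untrusted user can make the endpoint run.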
The only limit is imagination.
Regards!