Unauthenticated RCE in Laravel Ignition via File Upload
In affected versions of Laravel Ignition a attack can execute arbitrary code because of the insecure usage of file_get_contents()
and file_put_contents()
.
This is only exploitable for websites that use debug mode.
- Laravel Ignition < 2.5.2 and Laravel < 8.4.2
- This exploit needs a php gadget and is therefore using phpggc. You can do this the following ways:
- If you haven't already cloned:
git clone https://github.com/cc3305/CVE-2021-3129.git --recursive --shallow-submodules
- Or if you have already cloned in, run this in the local git repo
git submodule update --init --depth 1
- If you haven't already cloned: