| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID:
<AM7P189MB0615982900FBB48C21108505E40B0@AM7P189MB0615.EURP189.PROD.OUTLOOK.COM>
Date: Mon, 27 Jan 2020 15:48:29 +0000
From: Gianluca Baldi <gianluca.baldi@...iaservice.net>
To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: CVE - CVE-2020-7799 - FusionAuth command execution via Apache
Freemarker Template
Dear bugtraq,
Please find attached an advisory for the following vulnerability, " FusionAuth command execution via Apache Freemarker Template".
Description: An authenticated attacker with enough privileges to access the template editing functions (either site templates or e-mail templates) in the FusionAuth dashboard can execute commands on the underlying operating system using the Apache FreeMarker Expression language.
For further information, please refer to:
https://lab.mediaservice.net/advisory/2020-03-fusionauth.txt
-------------------------------------------------------------------------
Gianluca Baldi, Security Advisor
Offensive Security Certified Professional (OSCP)
"Program testing can be used to show the presence of bugs, but never to show their absence!" Edsger W. Dijkstra
@Mediaservice.net S.r.l.
Tel: +39-011-32.72.100 (centralino)
Fax: +39-011-32.46.497
Via Santorelli, 15 - 10095 Grugliasco (TO) - ITALY
https://www.mediaservice.net/disclaimer
-------------------------------------------------------------------------
View attachment "2020-03-fusionauth.txt" of type "text/plain" (3700 bytes)
Powered by blists - more mailing lists