View Issue Details
Field | Value
---|---
ID | 4762
Project | Composr documentation
Category | General / Uncategorised
View Status | private
Date Submitted | 2022-01-10 03:43
Last Update | 2022-01-14 18:17
Reporter | Guest
Assigned To | Chris Graham
Priority | normal
Severity | Security-hole
Status | resolved
Resolution | fixed
Summary | 4762: Critical Security Vulnerability in Composr CMS
Tags | No tags attached.

Description:

Dear Team,

There is a critical security vulnerability in Composr CMS which allows an attacker to completely compromise the SYSTEM by exploiting it through Remote Code Execution. Please let me know if there is any Reward/Bug Bounty being offered by the Composr Team so that I can elaborate with all necessary details, including a video POC as well. I am not able to create my account on your website, so please get back to me on my mail ID in case you want further discussion on the same.

Regards,
CI, Security Researcher.
[email protected]
Automated response: Explain that administrative accounts can control web hosting

Some people may be naive and provide web hosting for a Composr site, without realizing they are effectively giving any administrator of that site control of their hosting. This is not unique to Composr by any means. Web interface installation of PHP-based addons is a very common feature in CMS and forum software, and a necessary process for the audience Composr is targeted for. Composr goes further with a remote shell, but there's no escalation because the same could be achieved by uploading malicious addons. Just document this in the installation tutorial to make sure it is understood by those who do their research.
Fixed in git commit dfd49eb84 (https://gitlab.com/composr-foundation/composr/commit/dfd49eb84 - link will become active once code pushed to GitLab).

A hotfix (a TAR of files to upload) has been uploaded to this issue. These files are made to the latest intra-version state (i.e. may roll in earlier fixes too if made to the same files) - so only upload files newer than what you have already. If there are files in a hot-fix that you don't have then they probably relate to addons that you don't have installed and should be skipped. Always take backups of files you are replacing or keep a copy of the manual installer for your version, and only apply fixes you need. These hotfixes are not necessarily reliable or well supported.

Not sure how to extract TAR files to your Windows computer? Try 7-zip (http://www.7-zip.org/).
Date Modified | Username | Field | Change |
---|---|---|---|
2022-01-10 03:43 | Guest | New Issue | |
2022-01-11 03:00 | Adam Edington | Assigned To | => Chris Graham |
2022-01-11 03:00 | Adam Edington | Status | Not Assigned => Assigned |
2023-02-26 18:29 | Chris Graham | Category | General => General / Uncategorised |