Bugtraq mailing list archives
CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template
From: Gianluca Baldi <gianluca.baldi () mediaservice net>
Date: Mon, 27 Jan 2020 15:48:29 +0000
Dear bugtraq, Please find attached an advisory for the following vulnerability, " FusionAuth command execution via Apache Freemarker Template". Description: An authenticated attacker with enough privileges to access the template editing functions (either site templates or e-mail templates) in the FusionAuth dashboard can execute commands on the underlying operating system using the Apache FreeMarker Expression language. For further information, please refer to: https://lab.mediaservice.net/advisory/2020-03-fusionauth.txt ------------------------------------------------------------------------- Gianluca Baldi, Security Advisor Offensive Security Certified Professional (OSCP) "Program testing can be used to show the presence of bugs, but never to show their absence!" Edsger W. Dijkstra @Mediaservice.net S.r.l. Tel: +39-011-32.72.100 (centralino) Fax: +39-011-32.46.497 Via Santorelli, 15 - 10095 Grugliasco (TO) - ITALY https://www.mediaservice.net/disclaimer -------------------------------------------------------------------------
Attachment:
2020-03-fusionauth.txt
Description: 2020-03-fusionauth.txt
Current thread:
- CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template Gianluca Baldi (Jan 27)