CVE-2018-19290

{"id": "CVE-2018-19290", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-11-30T18:29:00.567", "references": [{"url": "http://packetstormsecurity.com/files/150391/Budabot-4.0-Denial-Of-Service.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2018/Nov/44", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as demonstrated by the \"!calc 5 x 5\" command. In versions before 3.0, modules/HELPBOT_MODULE/calc.php has the vulnerable code; in 3.0 and above, modules/HELPBOT_MODULE/HelpbotController.class.php has the vulnerable code."}, {"lang": "es", "value": "En modules/HELPBOT_MODULE en Budabot, desde la versi\u00f3n 0.6 hasta la 4.0, la validaci\u00f3n de la sintaxis lax permite que atacantes remotos realicen un ataque de inyecci\u00f3n de comandos contra el demonio PHP con un comandos manipulado, lo que resulta en una denegaci\u00f3n de servicio (DoS) o en otro tipo de impacto sin especificar, tal y como queda demostrado con el comando \"!calc 5 x 5\". En versiones anteriores a la 3.0, modules/HELPBOT_MODULE/calc.php tiene el c\u00f3digo vulnerable; en versiones 3.0 y posteriores, modules/HELPBOT_MODULE/HelpbotController.class.php tiene el c\u00f3digo vulnerable."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:budabot:budabot:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8887AB38-2B68-4CA4-9BC2-04C78FF27387", "versionEndIncluding": "4.0", "versionStartIncluding": "0.6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}