Vulnerability Title
N/A
Vulnerability Description
An attacker can send a specially crafted payload to the XML-RPC invocation script and trigger an unserialize() call on the "what" parameter of the "openads.spc" RPC method. This vulnerability can be used to carry out various attacks, such as exploiting serialize()-related PHP vulnerabilities or PHP object injection. Although unconfirmed, attackers may already have used this vulnerability to gain access to some Revive Adserver instances and deliver malware through them to third-party websites. This vulnerability was addressed in version 4.2.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Category
N/A
Vulnerability Title
N/A
Vulnerability Description
An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. Such a vulnerability could be used to perform various types of attacks, e.g. exploiting serialize-related PHP vulnerabilities or PHP object injection. It is possible, although unconfirmed, that the vulnerability has been used by some attackers in order to gain access to some Revive Adserver instances and deliver malware through them to third-party websites. This vulnerability was addressed in version 4.2.0.
CVSS Information
N/A
Vulnerability Category
Deserialization of Untrusted Data
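The defect pattern the description names is a request parameter handed straight to unserialize(). The following added example (not Revive Adserver's code; the handler names, the assumption that the method expects a plain array of strings, and the sample inputs are hypothetical) shows that pattern beside a hardened handler that disables class instantiation and validates the decoded shape.

```php
<?php
// Added illustration, not Revive Adserver code. Handler names, the expected
// parameter shape and the sample inputs below are hypothetical.

// Vulnerable pattern: the "what" parameter of an XML-RPC method is passed
// straight to unserialize(). A serialized object string makes PHP
// instantiate whatever class the string names (PHP object injection).
function spc_vulnerable(string $what): mixed
{
    return unserialize($what);
}

// Hardened variant: refuse to instantiate any class, then reject anything
// that is not the plain array of strings this handler is assumed to expect.
function spc_hardened(string $what): array
{
    $data = unserialize($what, ['allowed_classes' => false]);
    if (!is_array($data)) {
        throw new InvalidArgumentException('"what" must decode to an array');
    }
    foreach ($data as $v) {
        if (!is_string($v)) {
            throw new InvalidArgumentException('"what" entries must be strings');
        }
    }
    return $data;
}

// Constructed inputs: a legitimate list of strings and a serialized object.
$legit  = serialize(['zone:1', 'zone:2']);
$object = 'O:8:"stdClass":1:{s:3:"foo";s:3:"bar";}';

var_dump(spc_hardened($legit));
try {
    // With allowed_classes disabled the object string decodes to a
    // __PHP_Incomplete_Class instance, which fails the is_array() check.
    spc_hardened($object);
} catch (InvalidArgumentException $e) {
    echo "rejected: " . $e->getMessage() . "\n";
}
```

Replacing the serialized format with json_decode() removes the unserialize() call entirely and is the stronger fix where the wire format can be changed.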
Vulnerability Title
Revive Adserver code issue vulnerability
Vulnerability Description
Revive Adserver is an open-source advertising management system developed by the Revive Adserver team. The system provides ad delivery, ad zone management, statistics and related functions. A code issue vulnerability exists in the delivery XML-RPC script of Revive Adserver versions prior to 4.2.0. The vulnerability stems from design or implementation flaws introduced during the development of the product's code.
CVSS Information
N/A
Vulnerability Category
Code issue