Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

CVE - CVE-2020-7799 - FusionAuth command execution via Apache Freemarker Template

From: Gianluca Baldi <gianluca.baldi () mediaservice net>
Date: Mon, 27 Jan 2020 15:48:29 +0000
Dear bugtraq,

Please find attached an advisory for the following vulnerability, " FusionAuth command execution via Apache Freemarker 
Template".
Description:    An authenticated attacker with enough privileges to access the template editing functions (either site 
templates or e-mail templates) in the FusionAuth dashboard can execute commands on the underlying operating system 
using the Apache FreeMarker Expression language.

For further information, please refer to: 

        https://lab.mediaservice.net/advisory/2020-03-fusionauth.txt 
        
-------------------------------------------------------------------------
Gianluca Baldi,  Security Advisor                   
Offensive Security Certified Professional (OSCP)

"Program testing can be used to show the presence of bugs, but never to show their absence!" Edsger W. Dijkstra

@Mediaservice.net S.r.l.         
Tel: +39-011-32.72.100  (centralino) 
Fax: +39-011-32.46.497
Via Santorelli, 15 - 10095 Grugliasco (TO) - ITALY  
https://www.mediaservice.net/disclaimer
-------------------------------------------------------------------------

Attachment: 2020-03-fusionauth.txt
Description: 2020-03-fusionauth.txt

Previous By Date Next
Previous By Thread Next

Current thread: