Exploit for October CMS - Remote Code Execution (CVE-2022-21705)

Description:

October CMS is susceptible to remote code execution. In affected versions, user input is not properly sanitized before rendering. An authenticated user with the permissions to create, modify, and delete website pages can bypass cms.safe_mode and cms.enableSafeMode in order to execute arbitrary code. This affects admin panels that rely on safe mode and restricted permissions.

Nuclei Template

View the template here: CVE-2022-21705.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-21705.yaml

References:

https://github.com/cyllective/CVEs
https://cyllective.com/blog/post/octobercms-cve-2022-21705/
https://github.com/octobercms/library/commit/c393c5ce9ca2c5acc3ed6c9bb0dab5ffd61965fe
https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22
https://nvd.nist.gov/vuln/detail/CVE-2022-21705