Скачать или смотреть CVE-2021-29447 | Read WordPress Config.php File through XXE | Wav file payload | SSRF

#CVE #XXE #wordpress

An XXE vulnerability consists of an injection that takes advantage of the poor configuration of the XML interpreter. This allows us to include external entities, enabling us attack to applications that interpret XML language in their parameters. We'll explore a recent XXE vulnerability, albeit one that comes with some situational caveats.

Researchers at security firm SonarSource discovered an XML external entity injection (XXE) security flaw in the WordPress Media Library. The vulnerability can be exploited only when this CMS runs in PHP 8 and the attacking user has permission to upload media files. Take note of the latter condition as we walk through an example of exploiting this vulnerability below.


Impact

Arbitrary File Disclosure: The contents of any file on the host’s file system could be retrieved, e.g. wp-config.php which contains sensitive data such as database credentials.
Server-Side Request Forgery (SSRF): HTTP requests could be made on behalf of the WordPress installation. Depending on the environment, this can have a serious impact.


__/Social Media\___
LinkedIn:   / chandan-singh-ghodela  
Twitter:   / chandanghodela  
Instagram: https://instagram/chandan.ghodela

HashTags
#cve #cybersecurity #infosec #pentesting #informationsecurity #ethicalhacking #redteam #bugbounty #e #cybernews #blueteam #hackernews #informationtechnology #cybersec #infosecurity #it #xxe #wordpress #security #wordpresssecurity #new #vulnerability #remotecodeexecution #RCE #wpconfig #exploit #0day