CVE-2023-45878

Summary

CVE-2023-45878 is a vulnerability affecting GibbonEdu Gibbon version 25.0.1 and earlier. It allows unauthenticated attackers to perform Arbitrary File Write. The issue stems from the rubrics_visualise_saveAjax.phps endpoint, which fails to implement proper authentication checks. Instead, this endpoint accepts img, path, and gibbonPersonID parameters, with the img parameter expected to be a base64 encoded image. If the path parameter is set, the defined path is combined with the absolute installation directory path. Attackers can exploit this by base64 decoding the img parameter's content and writing it to the specified file path, resulting in the creation of PHP files that can lead to Remote Code Execution.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.