CVE-2017-17098

{"id": "CVE-2017-17098", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2018-01-02T15:29:00.327", "references": [{"url": "https://gist.github.com/pak0s/ea7a80c2614d9cd43cfb8230c65c9fec", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://s1.gps-server.net/changelog.txt", "tags": ["Vendor Advisory", "Release Notes"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/43431/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a login request."}, {"lang": "es", "value": "La funci\u00f3n writeLog en fn_common.php en gps-server.net GPS Tracking Software (autoalojada) hasta la versi\u00f3n 3.0 permite que atacantes remotos inyecten c\u00f3digo PHP arbitrario mediante una petici\u00f3n manipulada que se gestiona de manera incorrecta durante la vista de registros de administrador, tal y como demuestra en una petici\u00f3n de inicio de sesi\u00f3n."}], "lastModified": "2018-01-18T15:58:02.877", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gps-server:gps_tracking_software:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BB2C086-61E2-4FC2-B30F-584113CB7E06", "versionEndIncluding": "3.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}