CVE-2023-29006 HIGH

CVE-2023-29006: Order GLPI plugin vulnerable to remote code execution from authenticated user

Vendor Pluginsglpi
Product order
Weakness CWE-502 · Unsafe deserialization
Published April 5, 2023
Last update February 10, 2025
View on NVD All CVEs

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The Order GLPI plugin allows users to manage order management within GLPI. Starting with version 1.8.0 and prior to versions 2.7.7 and 2.10.1, an authenticated user that has access to standard interface can craft an URL that can be used to execute a system command. Versions 2.7.7 and 2.10.1 contain a patch for this issue. As a workaround, delete the `ajax/dropdownContact.php` file from the plugin.

Key dates

02Disclosure timeline

April 5, 2023 CVE published
February 10, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-21703 Azure Data Box Gateway Remote Code Execution Vulnerability CVE-2024-5016 WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability CVE-2026-7566 LearnPress – Backup & Migration Tool <= 4.1.4 - Authenticated (Administrator+) PHP Object Injection via WXR XML File Upload CVE-2025-62703 Fugue is Vulnerable to Remote Code Execution by Pickle Deserialization via FlaskRPCServer CVE-2024-4413 Hotel Booking Lite <= 4.11.1 - Unauthenticated PHP Object Injection