What the vulnerability does
01Description
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
CVSS base score
CVSS vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/AU:Y/U:Red
What the vulnerability does
A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.
Explanation of Vulnerability in Simple Terms
SP Page Builder for Joomla contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files to the server over the network. An attacker can upload malicious files without authentication or user interaction, potentially leading to remote code execution. This affects versions 1.0.0 through 6.6.1.
What an attacker can do
Upload arbitrary files to the server without authentication, potentially executing malicious code.
Potential impact on your site
Attackers can upload and execute malicious code on your site, compromising all data and site functionality.
Conditions required to exploit
Network access to the Joomla site; no authentication or user interaction required.
CISA mandated remediation
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
Key dates
External resources
Related vulnerabilities