Vulnerability Details : CVE-2013-6129
Public exploit exists!
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] parameters, as exploited in the wild in October 2013.
Exploit prediction scoring system (EPSS) score for CVE-2013-6129
Probability of exploitation activity in the next 30 days: 75.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2013-6129
-
vBulletin Administrator Account Creation
Disclosure Date: 2013-10-09First seen: 2020-04-26auxiliary/admin/http/vbulletin_upgrade_adminThis module abuses the "install/upgrade.php" component on vBulletin 4.1+ and 4.5+ to create a new administrator account, as exploited in the wild on October 2013. This module has been tested successfully on vBulletin 4.1.5 and 4.1.0. Authors: - Unknown - j
CVSS scores for CVE-2013-6129
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2013-6129
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-6129
-
http://www.vbulletin.com/forum/forum/vbulletin-announcements/vbulletin-announcements_aa/3991423-potential-vbulletin-exploit-vbulletin-4-1-vbulletin-5
vBulletin Install System Exploit (vBulletin 4.1+, vBulletin 5+) - vBulletin Community ForumVendor Advisory
-
http://www.net-security.org/secworld.php?id=15743
Dangerous vBulletin exploit in the wild - Help Net SecurityExploit
Products affected by CVE-2013-6129
- cpe:2.3:a:vbulletin:vbulletin:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:*:*:*:*:*:*:*