Vulnerability Details: CVE-2015-7808
Public exploit exists!
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments.
Vulnerability category: Input validation
Exploit prediction scoring system (EPSS) score for CVE-2015-7808
Probability of exploitation activity in the next 30 days: 74.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~98%
Metasploit modules for CVE-2015-7808
- vBulletin 5.1.2 Unserialize Code Execution
  Disclosure Date: 2015-11-04
  First seen: 2020-04-26
  Module: exploit/multi/http/vbulletin_unserialize
  This module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9.
  Authors: Netanel Rubin, cutz, Julien (jvoisin) Voisin
CVSS scores for CVE-2015-7808
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST |
CWE ids for CVE-2015-7808
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7808
- http://pastie.org/pastes/10527766/text?key=wq1hgkcj4afb9ipqzllsq
  404 Not Found (Exploit)
- https://blog.sucuri.net/2015/11/vbulletin-exploits-in-the-wild.html
  vBulletin Exploits in the Wild (Exploit)
- http://packetstormsecurity.com/files/134331/vBulletin-5.1.2-Unserialize-Code-Execution.html
  vBulletin 5.1.2 Unserialize Code Execution ≈ Packet Storm (Exploit)
- http://www.rapid7.com/db/modules/exploit/multi/http/vbulletin_unserialize
  vBulletin 5.1.2 Unserialize Code Execution (Exploit)
- http://blog.checkpoint.com/2015/11/05/check-point-discovers-critical-vbulletin-0-day/
  Check Point Discovers Critical vBulletin 0-Day (Exploit)
- https://www.exploit-db.com/exploits/38629/
  vBulletin 5.1.x - Remote Code Execution (Exploit)
Products affected by CVE-2015-7808
- cpe:2.3:a:vbulletin:vbulletin:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.3:alpha5:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.2:beta1:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:vbulletin:vbulletin:5.1.8:*:*:*:*:*:*:*