Miggo Logo
Book a Demo
Miggo Vulnerability Database
CVE-2018-17856

CVE-2018-17856:
Joomla RCE Vulnerability

7.2

CVSS Score

Basic Information

CVE ID
CVE-2018-17856
GHSA ID
GHSA-9m72-pw47-292w
EPSS Score
-
CWE
-
Published
5/13/2022
Updated
7/21/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
joomla/frameworkcomposer>= 2.5.4, <= 3.8.123.8.13

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability CVE-2018-17856 explicitly references improper access control in com_joomlaupdate. Joomla's component architecture uses controllers to handle user actions. The startupdate method in the JoomlaupdateControllerUpdate class is responsible for initiating updates, which involves executing code to apply patches. In vulnerable versions, the controller lacked proper authorization checks (e.g., requiring core.admin privileges), allowing lower-privileged Administrators to trigger the update process. The patch in version 3.8.13 likely enforced stricter ACL checks (e.g., core.admin) in this controller method, aligning with the advisory's description of 'inadequate default access levels'.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n issu* w*s *is*ov*r** in Jooml*! ***or* *.*.**. *om_jooml*up**t* *llows t** *x**ution o* *r*itr*ry *o**. T** ****ult **L *on*i* *n**l** t** **ility o* **ministr*tor-l*v*l us*rs to ****ss *om_jooml*up**t* *n* tri***r *o** *x**ution.

Reasoning

T** vuln*r**ility *V*-****-***** *xpli*itly r***r*n**s improp*r ****ss *ontrol in *om_jooml*up**t*. Jooml*'s *ompon*nt *r**it**tur* us*s *ontroll*rs to **n*l* us*r **tions. T** st*rtup**t* m*t*o* in t** Jooml*up**t**ontroll*rUp**t* *l*ss is r*sponsi*