Miggo Logo
Miggo Vulnerability Database
CVE-2020-13155

CVE-2020-13155: NukeViet Cross-Site Request Forgery (CSRF)

8.8

CVSS Score
3.1

Basic Information

CVE ID
CVE-2020-13155
GHSA ID
GHSA-7rw5-6pr4-fgh3
EPSS Score
0.37624%
CWE
CWE-352
Published
5/24/2022
Updated
4/24/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
nukeviet/nukevietcomposer= 4.4.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability occurs in the clearsystem.php logic (accessed via admin/index.php?nv=webtools&op=clearsystem). The exploit demonstrates that the deltype parameter is passed unsanitized to nv_insert_logs() (line 58 of clearsystem.php), which persists the input into logs. When viewed in the admin panel, this results in HTML injection. The absence of CSRF tokens in the form handler allows attackers to forge requests. While the exact function name processing the form isn't explicitly stated, nv_insert_logs is directly implicated as the vulnerable logging mechanism.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

`*l**rsyst*m.p*p` in Nuk*Vi*t *.* *llows *SR* wit* r*sult*nt *TML inj**tion vi* t** **ltyp* p*r*m*t*r to t** `**min/in**x.p*p?nv=w**tools&op=*l**rsyst*m` URI.

Reasoning

T** vuln*r**ility o**urs in t** `*l**rsyst*m.p*p` lo*i* (****ss** vi* `**min/in**x.p*p?nv=w**tools&op=*l**rsyst*m`). T** *xploit **monstr*t*s t**t t** `**ltyp*` p*r*m*t*r is p*ss** uns*nitiz** to `nv_ins*rt_lo*s()` (lin* ** o* *l**rsyst*m.p*p), w*i**