
CVE-2020-13664: Drupal Core Arbitrary PHP code execution vulnerability

CVSS Score (CVSS 3.1)
8.8

Basic Information

EPSS Score
0.82673%
Published
5/24/2022
Updated
4/23/2024
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Package Name    Ecosystem   Vulnerable Versions    First Patched Version
drupal/core     composer    >= 8.8.0, < 8.8.8      8.8.8
drupal/core     composer    >= 8.9.0, < 8.9.1      8.9.1
drupal/core     composer    >= 9.0.0, < 9.0.1      9.0.1
drupal/drupal   composer    >= 8.8.0, < 8.8.8      8.8.8
drupal/drupal   composer    >= 8.9.0, < 8.9.1      8.9.1
drupal/drupal   composer    >= 9.0.0, < 9.0.1      9.0.1

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The provided vulnerability information and references do not explicitly name specific vulnerable functions. While the CWE-77 classification suggests command injection issues, the advisory describes a path manipulation/creation vulnerability leading to potential RCE through directory naming rather than direct command injection. The actual vulnerable code path would likely involve directory creation/file handling functions, but without access to the specific commit diffs or patch details, we cannot definitively identify the exact functions responsible. The Windows-specific file system behavior mentioned suggests potential case sensitivity exploitation, but this would depend on Drupal's file handling implementation details not revealed in provided sources.


WAF Protection Rules

WAF Rule

Arbitrary PHP code execution vulnerability in Drupal core under certain circumstances. An attacker could trick an administrator into visiting a malicious site that could result in creating a carefully named directory on the file system. With this dir
