
CVE-2023-48217:
Statamic CMS vulnerable to remote code execution via form uploads

CVSS Score (v3.1): 8.8

Basic Information

- EPSS Score: 0.76564%
- Published: 11/14/2023
- Updated: 11/22/2023
- KEV Status: No
- Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| statamic/cms | composer | >= 4.0.0, < 4.34.0 | 4.34.0 |
| statamic/cms | composer | < 3.4.14 | 3.4.14 |

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from incomplete file extension validation in three key file upload handlers. All three modified functions used an insufficient denylist of PHP-related extensions (php, php3, php4, php5, phtml) in their in_array() checks, missing php7, php8, and phar. The patch explicitly adds these extensions, confirming that these validation closures were the vulnerable points. These functions validate uploads for both front-end forms and control panel assets, so a file carrying one of the unlisted extensions passed straight through the check.
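As an added illustration (not Statamic's code), the shape of the check described above: the pre-patch denylist beside the patched one, plus an extension allowlist as the stricter defensive alternative. Function names, the constant names and the sample filenames are assumptions constructed for this example.

```php
<?php
// Added example, not Statamic's code. Shows the class of check the
// advisory describes: an extension denylist that omitted php7, php8, phar.

// Pre-patch style list (per the advisory): misses php7, php8 and phar.
const OLD_BLOCKED = ['php', 'php3', 'php4', 'php5', 'phtml'];
// Post-patch style list: includes the three extensions the fix added.
const NEW_BLOCKED = ['php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'phar'];

/**
 * Denylist check: the upload is allowed unless its final extension is listed.
 * Lower-casing matters; a check on the raw extension would miss "x.PHP7".
 */
function allowedByDenylist(string $filename, array $blocked): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, $blocked, true);
}

/**
 * Defensive alternative (an assumption, not the project's approach): accept
 * only known image extensions. The extension allowlist is the control that
 * holds here, since MIME claims can be forged by content crafted to look like
 * an image; the MIME match is a secondary consistency check only.
 */
function allowedByAllowlist(string $filename, string $declaredMime): bool
{
    $allowed = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
                'png' => 'image/png', 'gif' => 'image/gif', 'webp' => 'image/webp'];
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return isset($allowed[$ext]) && $allowed[$ext] === $declaredMime;
}

// Constructed sample filenames and the decision each check makes.
$samples = ['avatar.png', 'shell.php', 'shell.php8', 'archive.phar', 'pic.PHP7'];
foreach ($samples as $name) {
    printf("%-13s old denylist: %-5s new denylist: %-5s allowlist: %s\n",
        $name,
        allowedByDenylist($name, OLD_BLOCKED) ? 'allow' : 'block',
        allowedByDenylist($name, NEW_BLOCKED) ? 'allow' : 'block',
        allowedByAllowlist($name, 'image/png') ? 'allow' : 'block');
}
```

Only `avatar.png` passes every check; `shell.php8`, `archive.phar` and `pic.PHP7` pass the old denylist but are rejected by the patched list and by the allowlist.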


### Impact

Similar to [another advisory](https://github.com/statamic/cms/security/advisories/GHSA-****-*wr*-rm**), certain additional PHP files crafted to look like images may be uploaded regardless of MIME type validation rules. This affects front-
