
GHSA-j66p-fvp2-fxhj: Drupal core Arbitrary PHP code execution

CVSS Score: 7.8 (CVSS v3.1)

Basic Information

CVE ID: -
EPSS Score: -
Published: 5/15/2024
Updated: 5/15/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name  | Ecosystem | Vulnerable Versions | First Patched Version
drupal/drupal | composer  | >= 7.0.0, < 7.75    | 7.75
drupal/drupal | composer  | >= 8.0.0, < 8.8.12  | 8.8.12
drupal/drupal | composer  | >= 8.9.0, < 8.9.10  | 8.9.10
drupal/drupal | composer  | >= 9.0.0, < 9.0.9   | 9.0.9

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from Drupal's use of a vulnerable version of the PEAR Archive_Tar library. Drupal's Tar archiver component (Drupal\Component\Archiver\Tar) wraps this library directly: its extract() method calls Archive_Tar::extract(), which in the affected versions did not adequately guard against directory traversal and symlink entries inside an archive. When Drupal extracts user-supplied archives through this component (as in core/modules/file or the update manager), a crafted archive can cause files, including PHP payloads, to be written to arbitrary locations on the filesystem. Because the Archive_Tar flaws are reachable through Drupal's file-processing architecture, Tar::extract() is the primary vulnerable entry point.
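As an added example (not Drupal's or PEAR's code), this is the pre-extraction check a defender would place in front of Archive_Tar::extract(): it walks the archive listing and rejects absolute paths, traversal above the extraction root, symlinks that resolve outside the root, and any entry that would be written through a symlink created earlier in the same archive. The entry keys and the sample listing are assumptions modelled on the array shape Archive_Tar::listContent() returns.

```php
<?php
// Added example, not Drupal or PEAR code. Entries use the keys returned by
// Archive_Tar::listContent() ('filename', 'typeflag', 'link'); the listing is constructed.

// Lexical normalisation; null means the path climbs above the extraction root.
function normalizeTarPath(string $path): ?string
{
    $parts = [];
    foreach (explode('/', str_replace('\\', '/', $path)) as $seg) {
        if ($seg === '' || $seg === '.') { continue; }
        if ($seg !== '..') { $parts[] = $seg; continue; }
        if ($parts === []) { return null; }
        array_pop($parts);
    }
    return implode('/', $parts);
}

// Entries that must block extraction: absolute paths, traversal above the root,
// symlinks escaping the root, and later entries written through an in-archive symlink.
function unsafeTarEntries(array $listing): array
{
    $symlinks = [];
    $bad = [];
    foreach ($listing as $e) {
        $name = (string) ($e['filename'] ?? '');
        $norm = ($name === '' || $name[0] === '/') ? null : normalizeTarPath($name);
        if ($norm === null || $norm === '') { $bad[] = $name; continue; }
        foreach ($symlinks as $link) {
            if ($norm === $link || strncmp($norm, "$link/", strlen($link) + 1) === 0) {
                $bad[] = $name; continue 2; // would be written through a symlink
            }
        }
        if (($e['typeflag'] ?? '0') === '2') { // symlink: target resolves from its own directory
            $target = (string) ($e['link'] ?? '');
            $resolved = ($target === '' || $target[0] === '/') ? null : normalizeTarPath(dirname($norm) . '/' . $target);
            if ($resolved === null) { $bad[] = $name; continue; } // target escapes the root
            $symlinks[] = $norm;
        }
    }
    return $bad;
}

$listing = [ // constructed sample listing, not a real archive
    ['filename' => 'mymodule/mymodule.info.yml', 'typeflag' => '0', 'link' => ''],
    ['filename' => 'mymodule/../../evil.php', 'typeflag' => '0', 'link' => ''],
    ['filename' => 'mymodule/cfg', 'typeflag' => '2', 'link' => '../..'],
    ['filename' => 'mymodule/tmp', 'typeflag' => '2', 'link' => '.'],
    ['filename' => 'mymodule/tmp/shell.php', 'typeflag' => '0', 'link' => ''],
];
print_r(unsafeTarEntries($listing));
```

If unsafeTarEntries() returns anything, the whole archive should be refused rather than extracted partially, since Archive_Tar writes entries in order and an earlier symlink changes where later entries land.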
