logo

Database

Improper authorization control for web services In phpmyadmin/phpmyadmin

Description

phpMyAdmin Improper Authentication An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2018-126132. NVD-2018-126133. OSV-2018-126134. GCVE-2018-126135. security.gentoo.org

References

1. https://www.exploit-db.com/exploits/449242. https://www.exploit-db.com/exploits/449283. https://www.exploit-db.com/exploits/450204. https://www.phpmyadmin.net/security/PMASA-2018-45. http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html6. http://www.securityfocus.com/bid/1045327. https://vulncheck.com/cve/CVE-2018-126138. https://www.exploit-db.com/exploits/504579. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-12613.yaml10. https://github.com/0x00-0x00/CVE-2018-1261311. https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/phpmyadmin_lfi_rce.rb

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.