CVE-2021-39165
Description
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the SearchableTrait#scopeSearch()
. Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator's password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet\> is not active, the stable version 2.3.18 and it's developing 2.4 branch is affected.
NVD
Severity: MEDIUM
CVE ID: CVE-2021-39165
CVSS Score: 6.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
GitHub, Inc.
Severity: HIGH
CVE ID: CVE-2021-39165
CVSS Score: 8.1
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Proof Of Concept
Nuclei Templates for CVE-2021-39165
Refrence: Project Discovery GitHub
W0rty
Github repository which contains a functional exploit for CVE-2021-39165
Refrence: GitHub
manbolq
Python3 POC for CVE-2021-39165 in CachetHQ
Refrence: GitHub