Laravel added to CISA Known Exploited Vulnerability Catalog - 20240117001

Overview

CISA has added a Laravel vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

What is the Vulnerability?

CVE-2018-15133 - This vulnerability may allow remote code execution as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value.

What is vulnerable?

Product(s) Affected: Laravel Framework versions through 5.5.40 and 5.6.x - 5.6.29
Summary: On Laravel versions with this vulnerability, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc.
Severity: High
CVSS: 8.1
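The pattern behind this advisory is "decrypt a request-controlled value, then hand the plaintext to unserialize()". The following is an added illustration written for this page, not Laravel's own code: a minimal stand-in encrypter using the same envelope shape (base64 JSON with iv, value and mac) shows the vulnerable handler beside a hardened one that only ever treats the decrypted token as an opaque string. The key, the DemoMarker class and the function names are constructed for the example; a real application key would be the APP_KEY the envelope is authenticated with, which is why a leaked key should be rotated alongside patching.

```php
<?php
// Added illustration (not Laravel's code) of the decrypt-then-unserialize
// pattern described in the advisory, with a hardened alternative.
// Key, envelope format and class names are constructed for this example.

declare(strict_types=1);

// Constructed 32-byte key standing in for an application key (assumption).
const DEMO_KEY = '0123456789abcdef0123456789abcdef';

// Encrypt into a Laravel-like envelope: base64(JSON{iv, value, mac}).
function demoEncrypt(string $plain, string $key): string {
    $iv = random_bytes(16);
    $value = openssl_encrypt($plain, 'aes-256-cbc', $key, OPENSSL_RAW_DATA, $iv);
    $mac = hash_hmac('sha256', base64_encode($iv) . base64_encode($value), $key);
    return base64_encode(json_encode([
        'iv'    => base64_encode($iv),
        'value' => base64_encode($value),
        'mac'   => $mac,
    ]));
}

// Decrypt the envelope; returns null when it is malformed or the MAC fails.
function demoDecrypt(string $payload, string $key): ?string {
    $json = json_decode(base64_decode($payload, true) ?: '', true);
    if (!is_array($json) || !isset($json['iv'], $json['value'], $json['mac'])) {
        return null;
    }
    $expected = hash_hmac('sha256', $json['iv'] . $json['value'], $key);
    if (!hash_equals($expected, $json['mac'])) {
        return null;
    }
    $plain = openssl_decrypt(base64_decode($json['value']), 'aes-256-cbc', $key,
                             OPENSSL_RAW_DATA, base64_decode($json['iv']));
    return $plain === false ? null : $plain;
}

// Harmless marker class: __wakeup() only reports that an object was instantiated.
class DemoMarker {
    public function __wakeup(): void {
        echo "[vulnerable] unserialize() instantiated an object from the header\n";
    }
}

// VULNERABLE pattern: the decrypted header value goes straight into unserialize().
function vulnerableTokenFromHeader(string $header, string $key) {
    $plain = demoDecrypt($header, $key);
    return $plain === null ? null : unserialize($plain);
}

// HARDENED pattern: the decrypted value is an opaque string, compared in
// constant time against the session's CSRF token; nothing is deserialized.
function hardenedTokenMatches(string $header, string $key, string $sessionToken): bool {
    $plain = demoDecrypt($header, $key);
    return $plain !== null && hash_equals($sessionToken, $plain);
}

// A legitimate token is accepted by the hardened check.
$sessionToken = bin2hex(random_bytes(20));
$legit = demoEncrypt($sessionToken, DEMO_KEY);
var_dump(hardenedTokenMatches($legit, DEMO_KEY, $sessionToken));   // bool(true)

// A serialized object in the same envelope is instantiated by the vulnerable
// handler but is simply rejected as a non-matching string by the hardened one.
$serialized = demoEncrypt(serialize(new DemoMarker()), DEMO_KEY);
vulnerableTokenFromHeader($serialized, DEMO_KEY);                   // prints the [vulnerable] line
var_dump(hardenedTokenMatches($serialized, DEMO_KEY, $sessionToken)); // bool(false)
```

The detection point for defenders is the same in both handlers: any code path where a value decrypted from a request header, cookie or parameter reaches unserialize() needs review, regardless of whether the envelope is authenticated, because authentication only protects against parties who do not hold the key.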

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of one month... (refer to Patch Management):

Additional References