Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

myBB Backdoor Arbitrary Code Execution Vulnerability

Vulnerability

A backdoor allowing arbitrary PHP code execution has been introduced in myBB version 1.6.4. This vulnerability arises from unauthorized code embedded in the source package, which was not part of the intended application logic. Exploitation is achieved by injecting payloads into a specially crafted collapsed cookie, requiring no authentication and leading to full compromise of the web server under the application's context.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where myBB is hosted.

Reproduction

The vulnerability can be reproduced by sending a request to the myBB server with a collapsed cookie that includes a payload. The server will execute the injected PHP code, exploiting the backdoor introduced in version 1.6.4.
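A defender-side check for the request pattern described above, as an added example that is not part of the original advisory or the myBB project: it scans request logs for a collapsed cookie whose decoded value falls outside an allow-list. The tab-separated log layout (which presumes the web server records the Cookie request header), the sample lines, and the allow-list of "|"-separated identifiers are assumptions made for this example.

```python
import re
from urllib.parse import unquote

# Assumption: a legitimate value is a "|"-separated list of short element
# identifiers (letters, digits, underscore). Tune this to your own traffic.
TOKEN = re.compile(r"[A-Za-z0-9_]{0,32}")
MAX_TOKENS = 64

# Constructed sample: timestamp, client, request, Cookie header (tab-separated).
SAMPLE_LOG = """\
2025-01-01T10:01:02Z\t192.0.2.10\tGET /index.php\tsid=constructed1; collapsed=cat_1%7Cboardstats
2025-01-01T10:01:09Z\t198.51.100.7\tGET /index.php\tcollapsed=cat_1%7CEXAMPLE%281%29%3B
2025-01-01T10:02:11Z\t192.0.2.44\tGET /showthread.php?tid=5\tsid=constructed2
"""

def collapsed_value(cookie_header):
    """Return the URL-decoded collapsed cookie from a Cookie header, or None."""
    for part in cookie_header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name == "collapsed":
            return unquote(value)  # decode once; a leftover "%" fails the allow-list
    return None

def is_suspicious(value):
    """True when any token is outside the allow-list or the list is oversized."""
    tokens = value.split("|")
    return len(tokens) > MAX_TOKENS or any(not TOKEN.fullmatch(t) for t in tokens)

def scan(log_text):
    """Return (timestamp, client, decoded value) for each flagged request."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split("\t")
        if len(fields) != 4:
            continue  # skip malformed lines instead of guessing at fields
        value = collapsed_value(fields[3])
        if value is not None and is_suspicious(value):
            hits.append((fields[0], fields[1], value))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit, sep="  ")
```

A hit is a lead for incident response on that host, not proof of compromise; the allow-list will need adjusting if a site's themes or plugins use other identifier characters.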

Remediation

Users are advised to manually download and install the latest version of myBB. Instructions for patching the vulnerability are available on the myBB blog.

Added: Aug 13, 2025, 11:58 PM
Updated: Aug 13, 2025, 11:58 PM

Vulnerability Rating

Custom Algorithm
spread: 3.4
impact: 7.5
exploitability: 10.0
remediation: 7.7
relevance: 0.3
threat: 9.1
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.