Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Laravel Framework Deserialization Vulnerability Leading to Remote Code Execution

Vulnerability

A remote code execution vulnerability exists in Laravel Framework versions through 5.5.40 and 5.6.x prior to 5.6.30. The issue arises from an insecure unserialize operation on the X-XSRF-TOKEN cookie, which can be manipulated if the attacker knows the application encryption key. Exploitation involves crafting a token that, when unserialized, executes arbitrary code on the server.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where the vulnerable Laravel application is running.

Reproduction

To reproduce this vulnerability, first ensure that the Laravel application is running a vulnerable version. Then, access the application's .env file to obtain the APP_KEY, which is necessary for exploitation. Once the key is available, send a POST request to the application with a crafted X-XSRF-TOKEN header that includes the payload for the desired command execution. The application will unserialize the token and execute the command on the server.

Remediation

Upgrade to Laravel Framework version 5.6.30 or later, and ensure that the application's encryption key has not been compromised.
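The upgrade advice above is easiest to act on fleet-wide with an automated version check. The following is an added example, not code from this advisory or from the Laravel project: it reads a `composer.lock`, finds `laravel/framework`, and reports whether the pinned version falls in the affected range stated above (all releases through 5.5.40, and 5.6.x releases before 5.6.30). The sample lock-file excerpt embedded in the block is constructed for the demonstration.

```python
import json
import re

# Affected range as stated in the advisory: every release through 5.5.40,
# plus 5.6.x releases prior to 5.6.30 (5.6.30 is the fixed release named).
LAST_VULN_55 = (5, 5, 40)
FIXED_56 = (5, 6, 30)


def parse_version(text):
    """Turn a composer version string such as 'v5.6.29' into a tuple of ints."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_vulnerable(version):
    """True if this laravel/framework version is inside the advisory's affected range."""
    v = parse_version(version)
    if v <= LAST_VULN_55:          # anything up to and including 5.5.40
        return True
    if v[:2] == (5, 6) and v < FIXED_56:   # 5.6.0 .. 5.6.29
        return True
    return False


def audit_composer_lock(lock_text):
    """Return (version, vulnerable) for laravel/framework in a composer.lock,
    or None when the package is not pinned in either section."""
    lock = json.loads(lock_text)
    for section in ("packages", "packages-dev"):
        for pkg in lock.get(section, []):
            if pkg.get("name") == "laravel/framework":
                ver = pkg["version"]
                return ver, is_vulnerable(ver)
    return None


# Constructed sample composer.lock excerpt for the demonstration (not a real project).
SAMPLE_LOCK = json.dumps({
    "packages": [
        {"name": "monolog/monolog", "version": "1.23.0"},
        {"name": "laravel/framework", "version": "v5.6.29"},
    ],
    "packages-dev": [],
})

if __name__ == "__main__":
    result = audit_composer_lock(SAMPLE_LOCK)
    if result is None:
        print("laravel/framework is not pinned in this lock file")
    else:
        ver, vuln = result
        status = "VULNERABLE: upgrade to 5.6.30 or later" if vuln else "outside affected range"
        print(f"laravel/framework {ver}: {status}")
```

Run it against a real lock file by passing `open("composer.lock").read()` to `audit_composer_lock`. A version check alone does not cover the second half of the remediation: if the `APP_KEY` may already have been exposed, rotate it after upgrading, since the affected code path depends on the attacker holding that key.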

Added: May 15, 2026, 9:58 AM
Updated: May 15, 2026, 9:58 AM

Vulnerability Rating

Custom Algorithm
spread: 7.6
impact: 10.0
exploitability: 7.9
remediation: 7.7
relevance: 0.0
threat: 9.7
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.