Pegasus CMS Remote Code Execution Vulnerability in Extra Fields Plugin

Vulnerability

A remote code execution vulnerability has been identified in Pegasus CMS version 1.0, specifically within the extra_fields.php plugin. This vulnerability allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe evaluation functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code embedded in the action parameter, leading to unauthorized code execution and the potential for an interactive shell.

Impact

Exploitation of this vulnerability allows for remote code execution on the server where Pegasus CMS is installed.

Reproduction

The vulnerability can be reproduced by sending a POST request to the submit.php endpoint of the extra_fields.php plugin. Include malicious PHP code in the action parameter. The unsafe eval functionality in the plugin will execute the injected code, resulting in remote code execution.
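The root cause described above is a request parameter flowing into eval(). The mitigation is to never let the request string select code, only one entry in a fixed allowlist. The following PHP is an added illustration written for this page, not Pegasus CMS's own code: the handler names (add, delete, list), the in-memory $fields store and the field-name pattern are assumptions chosen for the example.

```php
<?php
// Added illustration, not Pegasus CMS code: a submit handler that resolves
// the "action" parameter through a fixed allowlist instead of eval().
// Handler names, the $fields store and the name pattern are assumptions.
declare(strict_types=1);

// The anti-pattern the advisory describes is user input reaching eval(),
// roughly eval($_POST['action']). The request string must never become code.

// Each permitted action maps to a closure. The only thing the request can
// choose is one of these keys; there is no path from its bytes to PHP code.
function extraFieldsHandlers(array &$fields): array
{
    return [
        'add' => function (array $req) use (&$fields): array {
            $name  = $req['name'] ?? '';
            $value = $req['value'] ?? '';
            // Constrain the field name as well, so stored data stays predictable.
            if (!is_string($name) || !preg_match('/^[a-z_][a-z0-9_]{0,31}$/i', $name)) {
                return ['ok' => false, 'error' => 'invalid field name'];
            }
            $fields[$name] = is_scalar($value) ? (string) $value : '';
            return ['ok' => true];
        },
        'delete' => function (array $req) use (&$fields): array {
            $name = $req['name'] ?? '';
            if (!is_string($name) || !array_key_exists($name, $fields)) {
                return ['ok' => false, 'error' => 'unknown field'];
            }
            unset($fields[$name]);
            return ['ok' => true];
        },
        'list' => function (array $req) use (&$fields): array {
            return ['ok' => true, 'fields' => $fields];
        },
    ];
}

// Dispatch one submit request. Anything that is not an exact allowlist key
// is rejected before any handler runs and logged, because an unexpected
// value in "action" is the indicator for the attack this advisory describes.
function handleSubmit(array $request, array &$fields): array
{
    $handlers = extraFieldsHandlers($fields);
    $action   = $request['action'] ?? '';
    if (!is_string($action) || !isset($handlers[$action])) {
        error_log('extra_fields: rejected action ' . var_export($action, true));
        return ['ok' => false, 'error' => 'unknown action'];
    }
    return $handlers[$action]($request);
}

// Constructed requests standing in for $_POST, so the file runs from the CLI.
$fields = [];
$accepted = handleSubmit(['action' => 'add', 'name' => 'subtitle', 'value' => 'Hello'], $fields);
$rejected = handleSubmit(['action' => 'not_an_action'], $fields);
$listing  = handleSubmit(['action' => 'list'], $fields);

echo json_encode(['accepted' => $accepted, 'rejected' => $rejected, 'listing' => $listing], JSON_PRETTY_PRINT), PHP_EOL;
```

Run it with `php submit_hardened.php` (assumed file name). The second request is refused with "unknown action" and written to the PHP error log without anything in it being interpreted; in a deployment, counting such rejections per source is a cheap detection signal for probing of the submit.php endpoint.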

Added: Apr 5, 2026, 9:30 PM
Updated: Apr 5, 2026, 9:30 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 8.7
remediation: 0.0
relevance: 5.3
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.