Chamilo LMS Unauthenticated Remote Code Execution Vulnerability in Installation Directory

Vulnerability

A remote code execution vulnerability has been identified in Chamilo LMS versions prior to 1.11.38. This issue arises from a chained attack that can exploit PHP code in the main/install/ directory, allowing an unauthenticated attacker to modify existing files or create new ones, depending on system permissions. The vulnerability only affects portals with the main/install/ directory still present and accessible.

Impact

Exploitation of this vulnerability allows for unauthenticated remote code execution on the server.

Remediation

Users can update to Chamilo LMS version 1.11.38 or delete the main/install/ directory. If the vulnerability has been exploited, it is recommended to check the app/config/configuration.php file for unauthorized changes, particularly its update date, the database credentials, and the 'security_key' configuration.
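
The checks above can be scripted. The following is an added example, not part of the original advisory or of Chamilo: it assumes you pass the Chamilo root directory and, optionally, a trusted backup copy of configuration.php (both paths are yours to supply; the function name is hypothetical).

```shell
#!/bin/sh
# Added example, not Chamilo code. Usage (paths are placeholders):
#   . ./audit_chamilo.sh
#   audit_chamilo /path/to/chamilo /path/to/trusted/configuration.php
# Prints one line per observation; returns 1 if any FINDING was printed, else 0.
audit_chamilo() {
    ac_root=$1
    ac_trusted=${2:-}
    ac_cfg="$ac_root/app/config/configuration.php"
    ac_bad=0

    # Precondition named in the advisory: main/install/ still present on disk.
    if [ -d "$ac_root/main/install" ]; then
        echo "FINDING: main/install/ is still present; delete it or upgrade"
        ac_bad=1
    fi

    if [ ! -f "$ac_cfg" ]; then
        echo "NOTE: $ac_cfg not found; is this the Chamilo root?"
        return "$ac_bad"
    fi

    # Update date: print the mtime so it can be compared with the last
    # change an administrator actually made.
    echo "INFO: $(ls -l "$ac_cfg")"

    if [ -n "$ac_trusted" ] && [ -f "$ac_trusted" ]; then
        # Whole-file comparison covers database credentials and all other settings.
        if ! cmp -s "$ac_cfg" "$ac_trusted"; then
            echo "FINDING: configuration.php differs from the trusted copy"
            ac_bad=1
        fi
        # Compare only the security_key line(s), by checksum, so the secret
        # itself is never written to the terminal or a log.
        ac_live=$({ grep 'security_key' "$ac_cfg" || true; } | cksum)
        ac_ref=$({ grep 'security_key' "$ac_trusted" || true; } | cksum)
        if [ "$ac_live" != "$ac_ref" ]; then
            echo "FINDING: security_key setting differs from the trusted copy"
            ac_bad=1
        fi
    else
        echo "NOTE: no trusted copy given; only presence and mtime were checked"
    fi
    return "$ac_bad"
}
```

Without a trusted copy the function can only report the install directory and the file's modification time; a backup taken before the exposure window is what makes the credential and key comparison meaningful.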

Added: Apr 10, 2026, 7:28 PM
Updated: Apr 10, 2026, 7:28 PM

Vulnerability Rating

Custom Algorithm

spread: 3.4
impact: 2.5
exploitability: 8.6
remediation: 8.3
relevance: 5.8
threat: 3.2
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.