CVE-2019-6977: Yet Another WordPress Critical Flaw Found, Left Unpatched For 6 Years

The popular content management system WordPress has been found to contain a dangerous weakness that allows remote attackers to easily execute code. The public announcement of the bug shows that the vulnerability has existed for the past 6 years, and it is very possible that sites have been accessed through it. In essence, it allows low-privileged accounts to execute code by using two vulnerabilities found in the main engine.




CVE-2019-6977: The Latest WordPress Has Allowed Criminals To Execute Remote Code For 6 Years

WordPress site owners should immediately patch their installations to the latest available version (5.0.3) to protect themselves from a dangerous remote code execution vulnerability that was just announced. The public announcement came from the security team at RIPS Technologies GmbH, which revealed a dangerous bug in the content management system. It allows attackers to exploit online installations merely by having a low-privileged account on the site. The attack exploits two distinct bug types, Path Traversal and Local File Inclusion, which are found within the WordPress core engine. This also affects any plugins that incorrectly handle Post Meta values.


This issue is rather dangerous because the Post Meta values are internal references to files uploaded to the server, which are also recorded in the WordPress database. The security investigation reveals that the vulnerable WordPress versions allow this value to be modified by using code injection. Effectively, this means that computer criminals who have access to the web server can upload modified content and thus exploit the system. A public security advisory has been assigned to track the issue with the CVE-2019-6977 identifier. Its content reads as follows:

gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.

The latest version of WordPress fixes the Post Meta entries weakness; however, the Path Traversal flaw can still be exploited through incorrect behavior of any third-party plugins. The WordPress security team will address the complete weakness in its next release. Until then, all site owners are urged to apply all available security updates, both to the core engine and to all plugins and themes.
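A defender's audit for the weakness described above, as an added example that is not part of the original article or of WordPress itself: it checks file references exported from post meta rows and flags any that could point outside the uploads directory. The uploads path, the function names and the sample rows are assumptions constructed for illustration.

```python
import posixpath

# Assumption: file references are stored relative to the uploads directory,
# e.g. "2019/02/photo.jpg". UPLOADS_DIR is a hypothetical install path.
UPLOADS_DIR = "/var/www/html/wp-content/uploads"


def check_file_reference(meta_value, base=UPLOADS_DIR):
    """Return the reasons a stored file reference is suspicious (empty = clean)."""
    reasons = []
    value = meta_value.replace("\\", "/")  # treat Windows separators the same way
    if "\x00" in value:
        reasons.append("null byte")
    if value.startswith("/") or (len(value) > 1 and value[1] == ":"):
        reasons.append("absolute path")
    # A legitimate reference never needs "..", even if it resolves back inside.
    if ".." in value.split("/"):
        reasons.append("parent-directory segment")
    # Resolve the reference the way a naive path join would, then test containment.
    resolved = posixpath.normpath(posixpath.join(base, value))
    if resolved == base:
        reasons.append("does not name a file")
    elif not resolved.startswith(base + "/"):
        reasons.append("resolves outside uploads directory")
    return reasons


def audit(rows, base=UPLOADS_DIR):
    """Map post_id -> reasons for every row whose file reference is suspicious."""
    findings = {}
    for post_id, meta_value in rows:
        reasons = check_file_reference(meta_value, base)
        if reasons:
            findings[post_id] = reasons
    return findings


# Constructed sample rows (post_id, stored file reference); not real site data.
SAMPLE_ROWS = [
    (101, "2019/02/photo.jpg"),
    (102, "2019/02/../../../outside.jpg"),
    (103, "/tmp/outside.jpg"),
    (104, "2019/02/a/../photo.jpg"),
]

if __name__ == "__main__":
    for post_id, reasons in audit(SAMPLE_ROWS).items():
        print(post_id, "; ".join(reasons))
```

Running the same containment check in any plugin code path that accepts or rewrites these values closes the gap the article attributes to third-party plugins.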

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.
