CVE-2017-17672

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.

Published: Dec 14, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-17672
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-502

OWASP TOP 10:

A8 - Insecure Deserialization

Affected Software
References

Software	From	Fixed in
vbulletin / vbulletin	5.0.0-beta_28	5.0.0-beta_28.x
vbulletin / vbulletin	5.0.0-beta_11	5.0.0-beta_11.x
vbulletin / vbulletin	5.0.1	5.3.3.x

https://blogs.securiteam.com/index.php/archives/3573
https://www.exploit-db.com/exploits/43362/

Vulnerability Database

289,697

CVE-2017-17672