ID: CVE-2023-28115

Last Modified: March 24, 2023

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.4.2, Snappy is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the `file_exists()` function. If an attacker can upload files of any type to the server he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP objects. This can lead to remote code execution especially when snappy is used with frameworks with documented POP chains like Laravel/Symfony vulnerable developer code. If a user can control the output file from the `generateFromHtml()` function, it will invoke deserialization. This vulnerability is capable of remote code execution if Snappy is used with frameworks or developer code with vulnerable POP chains. It has been fixed in version 1.4.2.

Twitter Activity

Tweets last week: 33

Remaining steady

Yahoo Activity

Yahoo results: 0

Remaining steady

EPSS History

Current EPSS Score: 0.00525

Remaining steady


Reddit Activity

Reddit Posts: 1

Remaining steady

Github Repos

Github Repos: 0

Remaining steady

Exploits

Found exploits:

Attack Vector: Network

Attack Complexity: Low

Privileges Required: None

User Interaction: None

Scope: Unchanged

Confidentiality: High

Integrity: High

Availability: High

Base Score: 9.8

Exploitability Score: 3.9

Impact Score: 5.9

CVSS V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Specialize CVSS-Score

CWE-502

Condition Configuration
OR
OR
Alle Schwachstellen für knplabs
Date: March 24, 2023

Base Score V3: Not defined
Exploitability Score V3: Not defined
Impact Score V3: Not defined
Cvss Vector V3: Not defined
Configuration:
added:
cpe:2.3:a:knplabs:snappy:*:*:*:*:*:*:*:*



                    <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:knplabs:snappy:*:*:*:*:*:*:*:*"/>
    </set>
</set>

                  
                      <?xml version="1.0" ?>
<set operator="and">
    <set operator="or">
        <prop key="application" value="cpe:2.3:a:knplabs:snappy:*:*:*:*:*:*:*:*"/>
    </set>
    <prop key="program_influence" value="input"/>
</set>