Laravel Framework Unserialize Token RCE (CVE-2018-15133)

Disclosure Date: August 09, 2018. Last updated: February 13, 2020.

Attacker Value: High (1 user assessed)
Exploitability: Very High (1 user assessed)
Attack Vector: Unknown
Privileges Required: Unknown
User Interaction: Unknown

Description

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
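The decrypt-then-unserialize flow the description refers to, shown as an added illustration that is not Laravel's own code: a minimal stand-in for the Encrypter payload format (assumed to be base64-encoded JSON of iv, value and mac, AES-256-CBC with an HMAC-SHA256 over iv and value) contrasts the vulnerable token check with one that treats the decrypted header as an opaque string and never calls unserialize(). MiniEncrypter, vulnerableTokenMatches and hardenedTokenMatches are hypothetical names; assumes PHP 7.4+ with the OpenSSL extension.

```php
<?php
// Added illustration, not Laravel's code. Assumes the Laravel payload layout:
// base64(JSON{iv, value, mac}), AES-256-CBC, mac = HMAC-SHA256(key, iv . value).
final class MiniEncrypter
{
    private string $key;
    public function __construct(string $key) { $this->key = $key; }
    public function encrypt(string $plaintext): string
    {
        $iv = random_bytes(16);
        $value = base64_encode(openssl_encrypt($plaintext, 'aes-256-cbc', $this->key, OPENSSL_RAW_DATA, $iv));
        $ivB64 = base64_encode($iv);
        $mac = hash_hmac('sha256', $ivB64 . $value, $this->key);
        return base64_encode(json_encode(['iv' => $ivB64, 'value' => $value, 'mac' => $mac]));
    }

    // Verifies the MAC and returns the plaintext as a string, or null for any
    // malformed or tampered payload. Nothing is unserialized here.
    public function decryptString(string $payload): ?string
    {
        $data = json_decode((string) base64_decode($payload, true), true);
        if (!is_array($data) || !isset($data['iv'], $data['value'], $data['mac'])) {
            return null;
        }
        $mac = hash_hmac('sha256', (string) $data['iv'] . (string) $data['value'], $this->key);
        if (!hash_equals($mac, (string) $data['mac'])) {
            return null;
        }
        $plain = openssl_decrypt(base64_decode($data['value']), 'aes-256-cbc', $this->key,
                                 OPENSSL_RAW_DATA, base64_decode($data['iv']));
        return $plain === false ? null : $plain;
    }
}
// Vulnerable pattern described in the advisory: the decrypted X-XSRF-TOKEN value
// goes through unserialize(), so a holder of the application key can have the
// check instantiate arbitrary PHP objects before any comparison happens.
function vulnerableTokenMatches(MiniEncrypter $enc, string $header, string $sessionToken): bool
{
    $plain = $enc->decryptString($header);
    return $plain !== null && unserialize($plain) === $sessionToken;
}
// Hardened pattern: the decrypted value is only an opaque string, compared in
// constant time; request-controlled data is never deserialized.
function hardenedTokenMatches(MiniEncrypter $enc, string $header, string $sessionToken): bool
{
    $plain = $enc->decryptString($header);
    return $plain !== null && hash_equals($sessionToken, $plain);
}
$enc = new MiniEncrypter(random_bytes(32));   // constructed key standing in for APP_KEY
$token = bin2hex(random_bytes(20));           // constructed session token
var_dump(hardenedTokenMatches($enc, $enc->encrypt($token), $token));
```

The MAC check stops payloads from anyone without the key in both functions; the difference is only what happens to a validly encrypted value once the key is known, which is exactly the precondition the description states.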

