QID 150475

Date Published: 2022-02-23

QID 150475: PHP Path Traversal Vulnerability (CVE-2021-21706)

PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.

The vulnerability allows a remote attacker overwrite files on the system.
The vulnerability exists due to insufficient filtration of file names in the php_zip_make_relative_path() function on Windows systems. A remote attacker can construct a specially crafted ZIP archive, which once extracted by the ZipArchive::extractTo() function, can overwrite files outside of the destination directory.

Affected versions:
7.3.x below 7.3.31
7.4.x below 7.4.24
8.0.x below 8.0.11

QID Detection Logic (Unauthenticated):
This QID checks the HTTP Server header to see if the server is running a vulnerable version of PHP.

Successful exploitation of the vulnerability may allow an attacker to overwrite arbitrary files on the system with privileges of the web server.

CVSS V3 rated as High - 6.5 severity.

CVSS V2 rated as Medium - 4.3 severity.

Solution

Customers are advised to upgrade to the latest version of PHP.

Vendor References

Sec Bug 81420 - bugs.php.net/bug.php?id=81420

CVEs related to QID 150475

CVE-2021-21706 |

Software Advisories

Advisory ID	Software	Component	Link
Sec Bug 81420			bugs.php.net/bug.php?id=81420

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Array ( [qid] => 150475 [title] => PHP Path Traversal Vulnerability (CVE-2021-21706) [severity] => 3 [description] => PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications.

Affected versions:
7.3.x below 7.3.31
7.4.x below 7.4.24
8.0.x below 8.0.11

QID Detection Logic (Unauthenticated):
This QID checks the HTTP Server header to see if the server is running a vulnerable version of PHP.

[solution] => Customers are advised to upgrade to the latest version of PHP. [consequence] => Successful exploitation of the vulnerability may allow an attacker to overwrite arbitrary files on the system with privileges of the web server.

[published] => Yes [date_insert] => 2022-02-22 [date_published] => 2022-02-23 [cve] => Array ( [0] => CVE-2021-21706 ) [vendor_refs] => Array ( [0] => Array ( [vendor_ref] => Sec Bug 81420 [vendor_ref_url] => https://bugs.php.net/bug.php?id=81420 ) ) [cvss_v2] => Array ( [basescore] => 4.3 [temporalscore] => 3.2 ) [cvss_v3] => Array ( [basescore] => 6.5 [temporalscore] => 5.7 ) [patches] => Array ( [0] => Array ( [link] => https://bugs.php.net/bug.php?id=81420 [advisory_id] => Sec Bug 81420 [os_sw] => [component] => ) ) )