CVE-2018-15133 is a vulnerability in Laravel
Published on August 9, 2018

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
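To make the mechanism concrete, here is an added PHP sketch (not Laravel's own code) that re-implements the Laravel-style encrypted payload (base64-encoded JSON carrying iv, value and mac) and contrasts decrypting the X-XSRF-TOKEN header with unserialize() enabled against the hardened plain-string path; the key, function names and token value are constructed for the demo.

```php
<?php
// Added illustration, not Laravel's own code: a minimal re-implementation of
// the Laravel-style payload (base64 JSON with iv/value/mac, HMAC-SHA256) that
// shows why the X-XSRF-TOKEN header must not be passed through unserialize().
// Constructed demo key; a real APP_KEY would be 32 random bytes kept secret.
$key = str_repeat('k', 32);
function encryptPayload(string $key, string $plain): string
{
    $iv = random_bytes(16);
    $value = openssl_encrypt($plain, 'AES-256-CBC', $key, 0, $iv);
    $ivB64 = base64_encode($iv);
    $mac = hash_hmac('sha256', $ivB64 . $value, $key);
    return base64_encode(json_encode(['iv' => $ivB64, 'value' => $value, 'mac' => $mac]));
}

// Mirrors the shape of Encrypter::decrypt($payload, $unserialize = true).
// The MAC proves the payload was built with $key; it says nothing about
// whether feeding the plaintext to unserialize() is safe.
function decryptPayload(string $key, string $payload, bool $unserialize)
{
    $data = json_decode(base64_decode($payload), true);
    if (!is_array($data) || !isset($data['iv'], $data['value'], $data['mac'])) {
        throw new RuntimeException('The payload is invalid.');
    }
    $expected = hash_hmac('sha256', $data['iv'] . $data['value'], $key);
    if (!hash_equals($expected, $data['mac'])) {
        throw new RuntimeException('The MAC is invalid.');
    }
    $plain = openssl_decrypt($data['value'], 'AES-256-CBC', $key, 0, base64_decode($data['iv']));
    if ($plain === false) { throw new RuntimeException('Could not decrypt the data.'); }
    return $unserialize ? unserialize($plain) : $plain;
}

// Vulnerable shape: the header goes through unserialize(), so whoever holds
// the key decides which classes get instantiated (the phpggc gadget chain).
function csrfTokenVulnerable(string $key, string $header)
{
    return decryptPayload($key, $header, true);
}

// Hardened shape: a CSRF token is opaque text, so it is encrypted and
// decrypted as a plain string and unserialize() is never reached.
function csrfTokenHardened(string $key, string $header): string
{
    return decryptPayload($key, $header, false);
}
$token = bin2hex(random_bytes(20)); // constructed token value
if (csrfTokenVulnerable($key, encryptPayload($key, serialize($token))) !== $token
    || csrfTokenHardened($key, encryptPayload($key, $token)) !== $token) {
    throw new RuntimeException('round-trip failed');
}
echo "both paths round-trip a benign token; only the hardened path never calls unserialize()\n";
```

Both paths accept a legitimate token; the difference is that the vulnerable path hands whatever the key holder encrypted to unserialize(), which is exactly the condition the advisory describes.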


Known Exploited Vulnerability

This Laravel Deserialization of Untrusted Data Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).

The following remediation steps are recommended / required by February 6, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2018-15133 can be exploited with network access and requires neither privileges nor user interaction. This vulnerability is considered to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

What is a Marshaling, Unmarshaling Vulnerability?

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

CVE-2018-15133 has been classified as a Marshaling, Unmarshaling vulnerability or weakness.


Products Associated with CVE-2018-15133


What versions of Laravel are vulnerable to CVE-2018-15133?