CVE-2022-35944
October CMS Safe Mode bypass leads to authenticated Remote Code Execution
Description
### Impact This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they can bypass the Safe Mode (`cms.safe_mode`) restriction to introduce new PHP code in a CMS template using a specially crafted request. ### Patches The issue has been patched in v2.2.34 and v3.0.66 ### References Credits to: - David Miller ### For more information If you have any questions or comments about this advisory: - Email us at [[email protected]](mailto:[email protected])
How to fix CVE-2022-35944
To remediate CVE-2022-35944, upgrade the affected package to a fixed version below.
- —upgrade to 2.2.34 or later
Is CVE-2022-35944 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 2.0.0, < 2.2.34
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.2 | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |