WordPress Mobile App Native Plugin Vulnerability Leads to Web Site PWNage (Mar 03, 2017)
The Mobile App Native Plugin for WordPress lets you turn your website into a mobile application in just a few minutes. Recently, there was a vulnerability discovered that allows attackers to execute remote code.
It turns out that the plugin does not:
- Require authentication for file uploads. Any user can upload any file, be it text, image or even executable.
- 2. Check if the uploaded file contains executable code.
Given the above, any user can simply upload a php file that allows for code execution. This is similar to the backdoor.php file shown in How To Own A Web Server By Writing An Email (Jan 4, 2017)
Once the backdoor.php has been successfully uploaded, the attacker can, then go to it and perform any malicious actions he or she wishes.
SonicWALL Threat Research Team has researched this vulnerability and have the following signatures in place to protect their customers:
- WAF:9016 – PHP Injection Attack
- WAF:9039 – PHP Injection Attack 2
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.
