
CVE-2020-11060 : What You Need to Know

Learn about CVE-2020-11060, a remote code execution vulnerability in GLPI before 9.4.6. Understand the impact, affected systems, exploitation mechanism, and mitigation steps.

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Because the relevant request can be triggered via CSRF, the vulnerability can in principle be exploited by an attacker who has no valid account, by riding on the session of a logged-in user; the account whose session is used must have Maintenance privileges and the right to add WIFI networks. The issue is fixed in version 9.4.6.

Understanding CVE-2020-11060

This CVE describes a remote code execution vulnerability in GLPI.

What is CVE-2020-11060?

CVE-2020-11060 is a vulnerability in GLPI that allows attackers to execute system commands through the backup feature, potentially leading to unauthorized access and control of the system.

The Impact of CVE-2020-11060

The vulnerability has a CVSS base score of 7.4 (High severity). Attackers who exploit this flaw can execute commands on the host, compromising the confidentiality, integrity, and availability of affected systems.

Technical Details of CVE-2020-11060

Vulnerability Description

The vulnerability in GLPI before 9.4.6 allows attackers to execute system commands by misusing the backup functionality.

Affected Systems and Versions

        Product: GLPI
        Vendor: glpi-project
        Versions Affected: < 9.4.6

Exploitation Mechanism

        Attack Complexity: Low
        Attack Vector: Network
        Privileges Required: Low
        User Interaction: None
        Scope: Changed

Mitigation and Prevention

Immediate Steps to Take

        Update GLPI to version 9.4.6 or later to mitigate the vulnerability.
        Monitor for any unusual system behavior that could indicate exploitation.
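The first immediate step is a version check, and version strings are easy to compare wrongly (a naive string comparison puts 9.4.10 before 9.4.6). The following is an added example, not code from the original page or from the GLPI project: it parses a GLPI version string, compares it against the fixed version 9.4.6 as an integer tuple, and conservatively treats a pre-release of 9.4.6 (for example "9.4.6-rc1") as still affected. The helper that reads the version out of a `define('GLPI_VERSION', ...)` line assumes that GLPI declares its version that way in `inc/define.php`; that file name and constant are an assumption, and the sample source below is constructed for the example.

```python
import re

# First version that contains the fix, per the advisory text above
FIXED_VERSION = (9, 4, 6)

# Constructed sample of a define() line as it might appear in GLPI's inc/define.php
# (file name and constant name are assumptions for this example)
SAMPLE_DEFINE_PHP = "<?php\n\ndefine('GLPI_VERSION', '9.4.5');\ndefine('GLPI_SCHEMA_VERSION', '9.4.0');\n"

_VERSION_RE = re.compile(r"^\s*v?(\d+)(?:\.(\d+))?(?:\.(\d+))?(-[0-9A-Za-z.]+)?")


def parse_version(text):
    """Return ((major, minor, patch), is_prerelease) for strings like '9.4.5' or '9.4.6-rc1'."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    numbers = tuple(int(g or 0) for g in m.groups()[:3])   # missing parts count as 0
    return numbers, m.group(4) is not None


def is_vulnerable(version_text):
    """True if the given GLPI version is before the fixed release 9.4.6."""
    numbers, prerelease = parse_version(version_text)
    if numbers < FIXED_VERSION:
        return True
    # A pre-release build of the fixed version may predate the fix; flag it to be safe.
    return numbers == FIXED_VERSION and prerelease


def version_from_define_php(source):
    """Extract the GLPI_VERSION value from PHP source text (constant name is an assumption)."""
    m = re.search(r"define\(\s*['\"]GLPI_VERSION['\"]\s*,\s*['\"]([^'\"]+)['\"]", source)
    if not m:
        raise ValueError("GLPI_VERSION not found")
    return m.group(1)


if __name__ == "__main__":
    found = version_from_define_php(SAMPLE_DEFINE_PHP)
    print("GLPI %s vulnerable to CVE-2020-11060: %s" % (found, is_vulnerable(found)))
```

Run it against the real file on an install (for example by passing the file contents to `version_from_define_php`) rather than trusting a dashboard banner, since a cached or templated banner can lag the code that is actually deployed.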

Long-Term Security Practices

        Regularly update software and apply security patches promptly.
        Implement strong access controls and least privilege principles to limit exposure to such vulnerabilities.

Patching and Updates

        Stay informed about security advisories and updates from GLPI to address potential vulnerabilities promptly.
