CVE-2023-32073 : Security Advisory and Response

Learn about CVE-2023-32073, a command injection vulnerability in WWBN AVideo version 12.4 and earlier, allowing for Remote Code Execution. Find out the impact, affected systems, and mitigation steps.

A command injection vulnerability has been identified in WWBN AVideo, an open-source video platform. This vulnerability exists in versions 12.4 and prior, allowing for Remote Code Execution if the CloneSite Plugin is used. The issue is a bypass to the fix for a previous CVE (CVE-2023-30854) affecting WWBN AVideo up to version 12.3. The vulnerability has been patched in commit 1df4af01f80d56ff2c4c43b89d0bac151e7fb6e3.

Understanding CVE-2023-32073

WWBN AVideo contains a security flaw that enables threat actors to execute arbitrary commands using the plugin/CloneSite/cloneClient.json.php path, potentially leading to unauthorized remote access.

What is CVE-2023-32073?

CVE-2023-32073 is a command injection vulnerability identified in WWBN AVideo version 12.4 and earlier, allowing for Remote Code Execution if the CloneSite Plugin is exploited. This vulnerability presents a significant risk to the confidentiality, integrity, and availability of affected systems.

The Impact of CVE-2023-32073

The impact of CVE-2023-32073 is rated as HIGH due to its potential to enable threat actors to execute arbitrary commands remotely, leading to unauthorized access and potential data breaches. The affected systems are at risk of exploitation by malicious parties to compromise sensitive information.

Technical Details of CVE-2023-32073

The following technical details outline the vulnerability further:

Vulnerability Description

The vulnerability allows threat actors to inject malicious commands through the plugin/CloneSite/cloneClient.json.php path, leading to Remote Code Execution if the CloneSite Plugin is utilized. This could result in unauthorized access and potential system compromise.

Affected Systems and Versions

WWBN AVideo versions 12.4 and earlier are impacted by this vulnerability and are at high risk of exploitation. Users are advised to update to the latest version to mitigate this security risk.

Exploitation Mechanism

Threat actors can exploit this vulnerability by manipulating the plugin/CloneSite/cloneClient.json.php path to execute arbitrary commands, potentially gaining unauthorized access to the system and compromising its integrity.

Mitigation and Prevention

To safeguard systems from CVE-2023-32073, immediate action and long-term security practices are recommended:

Immediate Steps to Take

        Update WWBN AVideo to the latest version to ensure the vulnerability is patched.
        Disable or remove the CloneSite Plugin if not essential for operations.
        Monitor system logs for any suspicious activities that could indicate exploitation.
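
One way to act on the log-monitoring step, as an added example that is not part of the original advisory or of AVideo's own code: the Python sketch below lists every request to the plugin/CloneSite/cloneClient.json.php path in a web access log and raises the priority when a decoded query value contains shell metacharacters. It assumes the Apache/nginx combined log format; the log lines and the parameter name p are constructed, and input sent in POST bodies or stored in plugin settings will not appear in such a log.

```python
import re
from urllib.parse import parse_qsl, unquote

# Path named in the advisory, lower-cased for comparison.
ENDPOINT = "plugin/clonesite/cloneclient.json.php"
# Characters a shell treats specially; rarely legitimate in a query value.
SHELL_META = re.compile(r"[;&|`$<>\n\r]")
# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3})')

# Constructed sample log (documentation IP ranges, hypothetical parameter "p").
SAMPLE_LOG = """\
192.0.2.10 - - [10/May/2023:10:00:01 +0000] "GET /view/video.php?id=3 HTTP/1.1" 200 900 "-" "-"
192.0.2.10 - - [10/May/2023:10:00:05 +0000] "GET /plugin/CloneSite/cloneClient.json.php HTTP/1.1" 200 512 "-" "-"
198.51.100.7 - - [10/May/2023:10:02:11 +0000] "GET /plugin/CloneSite/cloneClient.json.php?p=a%7Cb HTTP/1.1" 200 64 "-" "-"
203.0.113.5 - - [10/May/2023:10:03:40 +0000] "POST //plugin/clonesite/CloneClient.JSON.php?p=ok HTTP/1.1" 403 0 "-" "-"
"""


def triage(lines):
    """Return one finding per request that reached the CloneSite endpoint."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, when, method, target, status = m.groups()
        raw_path, _, query = target.partition("?")
        # Decode, collapse duplicate slashes and lower-case so variants still match.
        path = re.sub(r"/+", "/", unquote(raw_path)).lower()
        if not path.endswith(ENDPOINT):
            continue
        # parse_qsl decodes once; unquote again to catch double encoding.
        flagged = sorted({k for k, v in parse_qsl(query, keep_blank_values=True)
                          if SHELL_META.search(unquote(v))})
        findings.append({"ip": ip, "time": when, "method": method,
                         "status": int(status), "meta_params": flagged,
                         "priority": "high" if flagged else "review"})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG.splitlines()):
        print(f["priority"], f["ip"], f["time"], f["method"], f["status"], f["meta_params"])
```

A "review" finding still deserves attention where the CloneSite Plugin is not supposed to be in use, because any request to the path is then unexpected.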

Long-Term Security Practices

        Implement strong access controls and authentication mechanisms to prevent unauthorized access.
        Conduct regular security assessments and penetration testing to identify and address vulnerabilities proactively.

Patching and Updates

Stay informed about security updates and patches released by WWBN for AVideo. Regularly apply patches to ensure that known vulnerabilities are addressed promptly.
