bridalvova.blogg.se

Wp backup buddy

Description: Arbitrary File Download/Read
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The BackupBuddy plugin for WordPress is designed to make back-up management easy for WordPress site owners. One of the features in the plugin is to store back-up files in multiple different locations, known as Destinations, which include Google Drive, OneDrive, and AWS, just to name a few. There is also the ability to store back-up downloads locally via the ‘Local Directory Copy’ option. Unfortunately, the method to download these locally stored files was insecurely implemented, making it possible for unauthenticated users to download any file stored on the server.

More specifically, the plugin registers an admin_init hook for the function intended to download local back-up files, and the function itself did not have any capability checks or nonce validation. This means that the function could be triggered via any administrative page, including those that can be called without authentication (admin-post.php), making it possible for unauthenticated users to call the function. The back-up path is not validated and therefore an arbitrary file could be supplied and subsequently downloaded.

Due to this vulnerability being actively exploited, and its ease of exploitation, we are sharing minimal details about this vulnerability.

The Wordfence firewall has blocked over 4.9 million exploit attempts targeting this vulnerability since August 26, 2022, which is the first indication we have that this vulnerability was being exploited. We are seeing attackers attempting to retrieve sensitive files such as the /wp-config.php and /etc/passwd file which can be used to further compromise a victim. The top 10 Attacking IP Addresses are as follows: 20.108.248.76 with 211,924 attacks blocked

A majority of the attacks we have observed are attempting to read the following files:

We recommend checking for the ‘local-download’ and/or the ‘local-destination-id’ parameter value when reviewing requests in your access logs. Presence of these parameters along with a full path to a file or the presence of.
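The access-log check recommended above, as an added example that is not part of the original advisory: it scans common/combined-format log lines for the ‘local-download’ and ‘local-destination-id’ query parameters and rates a hit higher when the decoded value is a full path. The log lines, addresses and the helper names classify and scan are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Parameter names taken from the advisory text above.
WATCHED = ("local-download", "local-destination-id")

# Client address and request target of a common/combined-format log line.
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)')

def classify(line):
    """Return (ip, severity, {param: value}) for a line worth reviewing, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None  # not a parseable access-log line
    query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
    hits = {p: query[p][0] for p in WATCHED if p in query}
    if not hits:
        return None
    # parse_qs percent-decodes values, so %2Fetc%2Fpasswd is seen as /etc/passwd.
    full_path = any(v.startswith("/") for v in hits.values())
    return m["ip"], ("high" if full_path else "review"), hits

def scan(lines):
    """Classify every line and count findings per client address."""
    findings = [f for f in map(classify, lines) if f]
    return findings, Counter(ip for ip, _, _ in findings)

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '203.0.113.10 - - [06/Sep/2022:10:00:01 +0000] "GET /wp-admin/admin-post.php?local-destination-id=%2Fetc%2Fpasswd&local-download=%2Fetc%2Fpasswd HTTP/1.1" 200 1842 "-" "curl/7.81.0"',
    '203.0.113.10 - - [06/Sep/2022:10:00:03 +0000] "GET /wp-admin/admin-post.php?local-download=/var/www/html/wp-config.php HTTP/1.1" 200 3120 "-" "curl/7.81.0"',
    '198.51.100.7 - - [06/Sep/2022:10:02:11 +0000] "GET /wp-admin/admin.php?local-download=backup-site.zip HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [06/Sep/2022:10:02:40 +0000] "GET /index.php?p=12 HTTP/1.1" 200 9021 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    findings, per_ip = scan(SAMPLE)
    for ip, severity, hits in findings:
        print(f"{severity:6} {ip:15} {hits}")
    print("requests per address:", per_ip.most_common())
```

Access logs normally record only the query string, so the same parameters sent in a POST body will not show up in this scan.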






