CVE-2024-47886

Chamilo: Post-Auth Remote Code Execution

CVSS 8.7 HIGH · EPSS 0.9% · CWE-502
In short

Chamilo learning management system allows administrators to run malicious code on the server through a flaw in how it processes certain files. This happens because the system unsafely handles specially crafted data when the virtualization plugin is enabled.

Technical detail

CVE-2024-47886 involves unsafe PHP object unserialization (CWE-502) in Chamilo's virtualization plugin (vchamilo) affecting versions 1.11.12–1.11.26. An authenticated administrator can exploit phar deserialization to achieve remote code execution on the server. The vulnerability requires admin-level access and the vchamilo plugin to be active.

Summary generated and translated by AI from the official description.
Chamilo is a learning management system. Chamilo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an administrator to execute arbitrary code on the server. This issue has been patched in version 1.11.26.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
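The mechanism behind a CWE-502 phar deserialization bug is that almost any PHP filesystem call (file_exists, is_dir, copy, stat, ...) accepts a `phar://` path and, on opening it, unserializes the archive's metadata. The defensive control is therefore to refuse stream-wrapper prefixes in any path an application builds from user or administrator input before it reaches a filesystem function. The block below is an added, generic PHP example written for this page; it is not Chamilo's or the vchamilo plugin's code, and the page does not say which Chamilo function handles the affected path. It shows a weak existence check beside a hardened one that rejects wrapper schemes, NUL bytes and directory traversal and confines the result to a base directory; the sample inputs at the bottom are constructed.

```php
<?php
// Added example (not Chamilo code): validate a user-supplied file path so that
// no stream wrapper such as phar:// ever reaches a filesystem function.

/**
 * Weak check: file_exists() happily opens phar:// paths, which deserializes
 * the archive's metadata. This is the pattern CWE-502 phar bugs abuse.
 */
function weakCheck(string $path): bool
{
    return file_exists($path);
}

/**
 * Hardened check: returns the resolved local path, or null if the input
 * carries a scheme/wrapper prefix, a NUL byte, or escapes $baseDir.
 */
function safeLocalPath(string $path, string $baseDir): ?string
{
    // Any "scheme://" prefix (phar://, data://, ftp://, ...) is not a plain local file.
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $path)) {
        return null;
    }
    // NUL bytes truncate paths inside the C filesystem layer; reject them outright.
    if (strpos($path, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    $full = realpath($baseDir . DIRECTORY_SEPARATOR . $path);
    if ($base === false || $full === false) {
        return null;
    }
    // realpath() collapses "../", so a prefix comparison confines the result to $base.
    if (strncmp($full, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $full;
}

// Constructed sample inputs (hypothetical, not taken from the advisory).
$base = sys_get_temp_dir();
file_put_contents($base . DIRECTORY_SEPARATOR . 'example.txt', 'ok');
$inputs = [
    'example.txt',                      // legitimate relative file
    'phar://uploads/archive.phar/x',    // wrapper prefix: rejected before any stat()
    'PHAR://uploads/archive.phar/x',    // scheme matching is case-insensitive
    '../etc/passwd',                    // traversal: resolved outside $base, rejected
];
foreach ($inputs as $in) {
    $r = safeLocalPath($in, $base);
    printf("%-32s => %s\n", $in, $r === null ? 'REJECTED' : 'ok: ' . $r);
}
```

As defence in depth, an application that never needs the phar wrapper at runtime can also call `stream_wrapper_unregister('phar')` during bootstrap, and any direct `unserialize()` of untrusted data should pass `['allowed_classes' => false]` so no object (and therefore no gadget chain) is instantiated.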
Affected products
chamilo · chamilo-lms
