CVE-2021-43439

9.8 CRITICAL

📋 TL;DR

CVE-2021-43439 is a remote code execution vulnerability in the Add Review function of iResturant 1.0 that allows unauthenticated attackers to execute arbitrary commands on the server. It affects every installation of iResturant 1.0 that exposes the vulnerable review functionality; a successful attacker gains complete control of the affected system.

💻 Affected Systems

Products:
  • iResturant
Versions: 1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations are vulnerable. No special configuration required for exploitation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise, allowing the attacker to install malware, steal data, pivot to other systems, or establish persistent backdoor access.

🟠 Likely Case: The attacker executes commands to deface the website, steal database contents, or install cryptocurrency miners.

🟢 If Mitigated: If the host is properly segmented and monitored, impact is limited to the web server with no lateral movement to other systems.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit code is publicly available and requires minimal technical skill to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch exists. Consider migrating to alternative restaurant management software or implementing workarounds.

🔧 Temporary Workarounds

Disable Add Review Function (Platform: all)

Remove or disable the vulnerable review submission functionality.

# Remove review.php or disable the route in your web server configuration

Input Validation Filter (Platform: all)

Add strict input validation to sanitize user input in review forms.

# Example PHP sanitization: filter_var($input, FILTER_SANITIZE_STRING);
# Note: FILTER_SANITIZE_STRING only strips HTML tags and is deprecated as of PHP 8.1; it does not on its own prevent command execution, so prefer an allow-list check (length and character class) on each review field and treat disabling the function as the primary workaround.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) with RCE protection rules
  • Network segmentation to isolate iResturant from critical systems

🔍 How to Verify

Check if Vulnerable:

Check if review.php exists and accepts unsanitized input. Test with controlled payloads in review form fields.

Check Version:

# Check iResturant version in configuration files or database

Verify Fix Applied:

Attempt exploitation with test payloads after implementing workarounds. Verify review functionality is disabled or properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to review.php with command-like parameters
  • System command execution in web server logs
  • Multiple failed exploitation attempts

Network Indicators:

  • Outbound connections from web server to suspicious IPs
  • Unusual process spawning from web server

SIEM Query:

source="web_server" AND (url="*review.php*" AND (param="*cmd*" OR param="*system*" OR param="*exec*"))
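The log indicators and SIEM query above, expressed as a small scanner over access-log lines. This is an added illustration, not part of the advisory: the combined log format, the sample IPs and request lines, and the failure threshold are all constructed assumptions.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2021:10:01:02 +0000] "POST /iresturant/review.php?cmd=id HTTP/1.1" 200 512 "-" "curl/7.79"
203.0.113.7 - - [10/Nov/2021:10:01:05 +0000] "POST /iresturant/review.php?exec=whoami HTTP/1.1" 500 0 "-" "curl/7.79"
203.0.113.7 - - [10/Nov/2021:10:01:09 +0000] "POST /iresturant/review.php?system=uname HTTP/1.1" 500 0 "-" "curl/7.79"
198.51.100.4 - - [10/Nov/2021:10:02:00 +0000] "GET /iresturant/review.php?id=3 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Nov/2021:10:02:30 +0000] "POST /iresturant/review.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# Minimal combined-format parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Parameter-name fragments from the advisory's SIEM query (substring match, like its wildcards).
SUSPICIOUS_PARAM_FRAGMENTS = ("cmd", "system", "exec")

def parse_line(line):
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec

def suspicious_params(target):
    """Return the query parameter names on a review.php request that match the indicator list."""
    parts = urlsplit(target)
    if not parts.path.endswith("review.php"):
        return []
    return [k for k in parse_qs(parts.query, keep_blank_values=True)
            if any(frag in k.lower() for frag in SUSPICIOUS_PARAM_FRAGMENTS)]

def scan(log_text, fail_threshold=2):
    """Flag POSTs to review.php carrying command-like parameters and IPs with repeated failed attempts."""
    hits, failures = [], Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["method"] != "POST":
            continue
        params = suspicious_params(rec["target"])
        if params:
            hits.append((rec["ip"], rec["ts"], params))
            if rec["status"] >= 400:          # "multiple failed exploitation attempts" indicator
                failures[rec["ip"]] += 1
    repeat_offenders = [ip for ip, n in failures.items() if n >= fail_threshold]
    return hits, repeat_offenders
```

Standard access logs record only the request line, so parameters sent in a POST body are invisible here; matching those needs request-body logging or WAF logs.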
