CVE-2023-36210 – MotoCMS 3.4.3 contains a Server-Side Template I... (How to Fix)

Q: What is the severity of CVE-2023-36210?

CVE-2023-36210 has a CVSS score of 9.8 (CRITICAL). MotoCMS 3.4.3 contains a Server-Side Template Injection (SSTI) vulnerability in the Store Category Template via the keyword parameter. This allows attackers to execute arbitrary code on the server with the privileges of the web application. All users running MotoCMS 3.4.3 with the Store Category Template are affected.

📋 TL;DR

MotoCMS 3.4.3 contains a Server-Side Template Injection (SSTI) vulnerability in the Store Category Template via the keyword parameter. This allows attackers to execute arbitrary code on the server with the privileges of the web application. All users running MotoCMS 3.4.3 with the Store Category Template are affected.

💻 Affected Systems

Products:

MotoCMS

Versions: Version 3.4.3

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Specifically affects the Store Category Template component.

📦 What is this software?

Motocms by Motocms

View all CVEs affecting Motocms →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise leading to data theft, ransomware deployment, or creation of persistent backdoors.

🟠

Likely Case

Remote code execution allowing attackers to deface websites, steal sensitive data, or pivot to internal networks.

🟢

If Mitigated

Limited impact with proper network segmentation, WAF rules, and minimal privileges.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit code is publicly available and requires no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation on the keyword parameter to reject template syntax.

WAF Rule Implementation

all

Deploy Web Application Firewall rules to block SSTI payloads in the keyword parameter.

🧯 If You Can't Patch

Isolate the affected system from critical networks and implement strict network segmentation.
Implement application-level input validation to reject template injection patterns in the keyword parameter.

🔍 How to Verify

Check if Vulnerable:

Check if MotoCMS version is 3.4.3 and if Store Category Template is enabled. Test with controlled SSTI payloads in keyword parameter.

Check Version:

Check MotoCMS admin panel or configuration files for version information.

Verify Fix Applied:

Verify that template injection attempts in the keyword parameter are blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

Unusual keyword parameter values containing template syntax like {{, ${, #, etc.

Network Indicators:

HTTP requests with suspicious template payloads in keyword parameter

SIEM Query:

web_requests WHERE url_parameter CONTAINS 'keyword' AND (url_parameter CONTAINS '{{' OR url_parameter CONTAINS '${' OR url_parameter CONTAINS '#')

📊 Metadata

CVE ID: CVE-2023-36210

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-74

Published: August 1, 2023

Last Updated: November 21, 2024

🔗 References

https://vulners.com/zdt/1337DAY-ID-38750 Exploit,Third Party Advisory
https://www.exploit-db.com/exploits/51499 Exploit,Third Party Advisory,VDB Entry
https://vulners.com/zdt/1337DAY-ID-38750 Exploit,Third Party Advisory
https://www.exploit-db.com/exploits/51499 Exploit,Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-36210, you might also want to check these: