CVE-2023-37677

9.8 CRITICAL

📋 TL;DR

CVE-2023-37677 is a remote code execution vulnerability in Kliqqi CMS (the continuation of Pligg CMS) v2.0.2. Through the admin_editor.php component of the administration panel, an attacker who holds an admin session can execute arbitrary code on the server in the context of the PHP process. Every organization running the vulnerable version is affected, most acutely those whose admin panel is reachable from the internet, and a successful attacker gains control of the web server.

💻 Affected Systems

Products:
  • Pligg CMS
  • Kliqqi CMS
Versions: v2.0.2
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the admin_editor.php component; requires admin access or authentication bypass.

📦 What is this software?

Pligg CMS is an open-source PHP/MySQL content management system for social-news and social-bookmarking sites (users submit links and vote them up). Kliqqi CMS is the renamed continuation of the Pligg code base, which is why both names appear on this page; the admin panel, including admin_editor.php, lives under the admin directory of the installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise allowing data theft, malware deployment, lateral movement into internal networks, and persistent backdoor installation.

🟠 Likely Case

Web server compromise leading to website defacement, data exfiltration, and use of the host as a platform for further attacks.

🟢 If Mitigated

Limited impact if network segmentation, WAF rules, and admin-panel access controls keep untrusted parties away from the vulnerable component.

🌐 Internet-Facing: HIGH - The admin panel is reachable by anyone on the internet, so a phished, reused or brute-forced admin password (or an authentication bypass chained in front of this bug) turns directly into code execution on the web server.
🏢 Internal Only: MEDIUM - Still exploitable by anyone who can reach the admin panel with admin credentials, but the attacker must first obtain a foothold on the internal network.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: No
Complexity: LOW

Exploitation requires an authenticated admin session. In practice it is chained with weak, default or stolen admin credentials, or with a separate authentication bypass, to reach the admin panel without legitimate access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.0.3 or later (as listed here; the reference below is the GitHub issue tracking the report rather than a release note, so confirm in the repository that the version you deploy actually contains the fix)

Vendor Advisory: https://github.com/Kliqqi-CMS/Kliqqi-CMS/issues/264

Restart Required: No (PHP re-reads the file on the next request; if OPcache runs with opcache.validate_timestamps=0, reset the cache so the old admin_editor.php is not served from memory)

Instructions:

1. Back up the current installation (files and database).
2. Download the latest version from the official repository.
3. Replace admin_editor.php with the patched version.
4. Verify file permissions are secure (the web server user should not be able to write to the PHP files it serves).
5. Test admin functionality.

🔧 Temporary Workarounds

Disable admin_editor.php

linux

Temporarily disable the vulnerable component by moving it out of the document root. Do not just rename it in place: a file called admin_editor.php.disabled is still reachable over HTTP, and depending on the Apache handler configuration it may either still be executed as PHP (mod_mime evaluates every extension in the name) or be served as plain text, which discloses the source. Admin-panel links to the editor will break until the patched file is put back.

# /var/www/kliqqi is an assumed install path; /var/backups is outside the document root
mv /var/www/kliqqi/admin/admin_editor.php /var/backups/admin_editor.php.disabled

Restrict admin access

all

Allow-list source IPs for the admin panel. Put the directives in an .htaccess file inside the admin directory, not the site root (which would lock out every visitor), and replace the example range with your management network. The Order/Deny/Allow form below is Apache 2.2 syntax; on Apache 2.4 use `Require ip 192.168.1.0/24` instead. A comment on the same line as a directive comments out the directive, so keep them on separate lines.

# .htaccess in the admin directory (Apache 2.2 syntax)
Order Deny,Allow
Deny from all
Allow from 192.168.1.0/24

🧯 If You Can't Patch

  • Put a web application firewall in front of the site with rules for PHP code and shell-command injection, and restrict the admin directory to management addresses
  • Isolate the affected system in a DMZ with strict outbound filtering so a planted webshell cannot call out or pivot into the internal network

🔍 How to Verify

Check if Vulnerable:

Check whether admin_editor.php exists in the admin directory of the installation and whether the installed version is 2.0.2. If the rename workaround was applied, also check that no admin_editor.php.disabled (or similar) copy is left inside the webroot.

Check Version:

# run from the webroot; dots escaped so 2.0.2 does not also match strings like 2a0b2
grep -rln '2\.0\.2' --include='*.php' .

Verify Fix Applied:

Confirm that admin_editor.php has been replaced by the patched version (compare its hash with the file from the official repository) or moved out of the webroot, then test admin functionality.
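The manual checks above, automated as an added example (this is not code from the advisory or from the Kliqqi project). It reports whether the component is present, whether the install carries the 2.0.2 version string, whether the component is world-writable, and whether a renamed copy of it is still sitting inside the webroot. The component path and the version string come from the advisory; the rename suffixes and the demo webroot are assumptions constructed for the example.

```python
"""Local check for the CVE-2023-37677 exposure on a Kliqqi/Pligg webroot.

Added example; not part of the advisory and not code from the Kliqqi
project. Assumptions (labelled): COMPONENT and the version string come
from the advisory; RENAME_SUFFIXES and the demo layout are made up.
"""
import re
import tempfile
from pathlib import Path

COMPONENT = Path("admin") / "admin_editor.php"   # path named in the advisory
VULN_VERSION_RE = re.compile(r"\b2\.0\.2\b")      # literal string the advisory greps for
RENAME_SUFFIXES = (".disabled", ".bak", ".old", ".orig")  # assumed common rename suffixes


def version_hits(webroot):
    """Relative paths of .php files under webroot that contain the 2.0.2 string.

    Coarse on purpose: it mirrors the advisory's grep, so an unrelated
    '2.0.2' literal is reported too and should be reviewed by hand.
    """
    root = Path(webroot)
    hits = []
    for path in root.rglob("*.php"):
        try:
            text = path.read_text(errors="ignore")
        except OSError:
            continue
        if VULN_VERSION_RE.search(text):
            hits.append(path.relative_to(root).as_posix())
    return sorted(hits)


def leftover_copies(webroot):
    """Renamed copies of the component that are still under the webroot."""
    admin_dir = Path(webroot) / COMPONENT.parent
    if not admin_dir.is_dir():
        return []
    return sorted(
        p.name for p in admin_dir.iterdir()
        if p.name.startswith(COMPONENT.name + ".") and p.suffix in RENAME_SUFFIXES
    )


def assess(webroot):
    """Return a report dict; 'status' summarises the finding."""
    root = Path(webroot)
    component = root / COMPONENT
    present = component.is_file()
    hits = version_hits(root)
    report = {
        "component_present": present,
        # world-writable PHP in the webroot lets any local process plant code
        "component_world_writable": present and bool(component.stat().st_mode & 0o002),
        "version_files": hits,
        "leftover_copies": leftover_copies(root),
    }
    if present and hits:
        report["status"] = "vulnerable"
    elif present:
        report["status"] = "component present, version string not found: confirm manually"
    else:
        report["status"] = "component absent"
    return report


def demo():
    """Build a constructed webroot, assess it, apply the rename-in-place workaround, re-assess."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "admin").mkdir()
        (root / COMPONENT).write_text("<?php // constructed stand-in for the editor\n")
        (root / "config.php").write_text("<?php $version = '2.0.2'; // constructed\n")
        before = assess(root)
        (root / COMPONENT).rename(root / "admin" / "admin_editor.php.disabled")
        after = assess(root)
    return before, after


if __name__ == "__main__":
    for label, report in zip(("before", "after rename"), demo()):
        print(label, report)
```

Run `assess("/var/www/kliqqi")` against the real webroot; the demo shows why the rename-in-place workaround is flagged: the component reads as absent, but `leftover_copies` still lists the renamed file, which is exactly the copy a web server may serve or execute.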

📡 Detection & Monitoring

Log Indicators:

  • POST requests to admin_editor.php outside normal administration windows or from unfamiliar source addresses
  • Shell command or PHP code fragments in request URIs or bodies (for example system(, passthru(, <?php, or chained commands after ; or |)
  • Multiple failed admin login attempts from one source, especially shortly before a request to admin_editor.php

Network Indicators:

  • Unexpected outbound connections from web server
  • Shell command patterns in HTTP requests

SIEM Query:

# Splunk-style searches; uri_path, method and src_ip are assumed field names from your access-log sourcetype
source="web_logs" uri_path="*/admin/admin_editor.php" method=POST | stats count by src_ip, user, uri_path
source="web_logs" (uri="*system(*" OR uri="*passthru(*" OR uri="*shell_exec(*" OR uri="*cmd=*") | stats count by src_ip, uri
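The three log indicators above, implemented as detection logic over access-log lines. This is an added example, not code from the advisory, from Kliqqi, or from any SIEM vendor. It assumes the admin panel lives under /admin/ and that the login form posts to /login.php (the login path is an assumption, as is the sample log, which is constructed for the example). Request URIs are percent-decoded before matching so that `system(%27id%27)` is caught as well as `system('id')`.

```python
"""Detection logic for the CVE-2023-37677 log indicators.

Added example; not from the advisory, the Kliqqi project, or a SIEM
vendor. Assumptions (labelled): ADMIN_EDITOR and LOGIN_PATH, and the
constructed SAMPLE_LOG below.
"""
import re
from collections import Counter
from urllib.parse import unquote_plus

# Apache "combined"/nginx default format, up to the status and size fields.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3}) \S+'
)

# Indicators of command or code injection inside a (decoded) URI.
SHELL_PATTERNS = [re.compile(p, re.I) for p in (
    r"<\?php",                                                  # PHP open tag in input
    r"\b(system|passthru|shell_exec|exec|popen|eval)\s*\(",     # PHP exec functions
    r"(?:;|\|\||\||&&|`)\s*(id|whoami|cat|wget|curl|nc|bash|sh)\b",  # chained shell commands
    r"\bcmd=",                                                  # classic webshell parameter
)]

ADMIN_EDITOR = "/admin/admin_editor.php"   # assumed path of the component
LOGIN_PATH = "/login.php"                  # assumed login endpoint

# Constructed sample: a login burst, then a write to the editor, then probes from another host.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:01 +0000] "GET /index.php HTTP/1.1" 200 5321
203.0.113.7 - - [10/Oct/2023:13:55:05 +0000] "POST /login.php HTTP/1.1" 200 1201
203.0.113.7 - - [10/Oct/2023:13:55:06 +0000] "POST /login.php HTTP/1.1" 200 1201
203.0.113.7 - - [10/Oct/2023:13:55:07 +0000] "POST /login.php HTTP/1.1" 200 1201
203.0.113.7 - - [10/Oct/2023:13:55:08 +0000] "POST /login.php HTTP/1.1" 200 1201
203.0.113.7 - - [10/Oct/2023:13:55:10 +0000] "POST /login.php HTTP/1.1" 302 0
203.0.113.7 - - [10/Oct/2023:13:56:02 +0000] "GET /admin/admin_editor.php HTTP/1.1" 200 8800
203.0.113.7 - - [10/Oct/2023:13:56:30 +0000] "POST /admin/admin_editor.php HTTP/1.1" 200 412
198.51.100.9 - - [10/Oct/2023:14:01:11 +0000] "GET /index.php?cmd=id;whoami HTTP/1.1" 404 210
198.51.100.9 - - [10/Oct/2023:14:01:15 +0000] "GET /templates/x.php?c=system(%27id%27) HTTP/1.1" 200 44
192.0.2.5 - - [10/Oct/2023:14:10:00 +0000] "GET /admin/admin_editor.php HTTP/1.1" 200 8800
"""


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def analyze(log_text, login_threshold=5):
    """Return a list of alert dicts for the given log text."""
    alerts = []
    login_posts = Counter()
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        uri = unquote_plus(rec["uri"])          # decode %27, + etc. before matching
        path = uri.split("?", 1)[0]
        if rec["method"] == "POST" and path.endswith(ADMIN_EDITOR):
            alerts.append({"rule": "admin_editor_post", "ip": rec["ip"],
                           "status": rec["status"], "ts": rec["ts"]})
        if any(p.search(uri) for p in SHELL_PATTERNS):
            alerts.append({"rule": "shell_pattern", "ip": rec["ip"], "uri": uri})
        # PHP apps usually answer a failed login with 200, so status codes do not
        # separate failures from successes; count attempts per source instead.
        if rec["method"] == "POST" and path.endswith(LOGIN_PATH):
            login_posts[rec["ip"]] += 1
    for ip, n in login_posts.items():
        if n >= login_threshold:
            alerts.append({"rule": "login_burst", "ip": ip, "count": n})
    return alerts


def summarize(alerts):
    """Count alerts per rule, e.g. {'admin_editor_post': 1, ...}."""
    return dict(Counter(a["rule"] for a in alerts))


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOG):
        print(alert)
    print(summarize(analyze(SAMPLE_LOG)))
```

A plain GET of admin_editor.php is not alerted on, because administrators open the editor legitimately; the write is the POST. Tune `login_threshold` to your traffic, and feed real lines by reading the access log instead of `SAMPLE_LOG`.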
