[KIS-2026-03] Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities


Full Disclosure mailing list archives


From: Egidio Romano <n0b0d13s () gmail com>
Date: Wed, 4 Feb 2026 11:50:59 +0100

--------------------------------------------------------------------------
Blesta <= 5.13.1 (2Checkout) Multiple PHP Object Injection Vulnerabilities
--------------------------------------------------------------------------


[-] Software Link:

https://www.blesta.com


[-] Affected Versions:

All versions from 3.0.0 to 5.13.1.


[-] Vulnerabilities Description:

The vulnerabilities exist because user input passed through the
"invoices" POST parameter or the "item-ext-ref" GET parameter when
dispatching the Checkout2::validate() or Checkout2::success() method
is not properly sanitized before being used in a call to the
unserialize() PHP function. This can be exploited by malicious client
users to inject arbitrary PHP objects into the application scope,
allowing them to perform a variety of attacks, such as executing
arbitrary PHP code (RCE).

Successful exploitation of this issue requires the 2Checkout payment
gateway to be installed.
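As an added illustration (not Blesta's code, which the advisory does not quote), the pattern described above beside two hardened forms; the handler and class names are hypothetical and only the "invoices" parameter name is taken from the advisory:

```php
<?php
// Hypothetical code modelled on the advisory's description; NOT Blesta's source.
// Only the "invoices" parameter name comes from the advisory.

// Vulnerable: untrusted request data goes straight into unserialize(), so the
// client chooses which classes are instantiated and whose __wakeup()/__destruct()
// methods run. Any gadget chain the autoloader can load becomes reachable.
function validate_vulnerable(array $post): array
{
    $invoices = $post['invoices'] ?? '';
    return (array) unserialize($invoices);
}

// Hardened option 1: keep the format but forbid object instantiation. With
// allowed_classes => false every object becomes __PHP_Incomplete_Class, whose
// magic methods never execute; the decoded shape is then validated explicitly.
function validate_safe_unserialize(array $post): array
{
    $invoices = $post['invoices'] ?? '';
    $data = @unserialize($invoices, ['allowed_classes' => false]);
    if (!is_array($data)) {
        throw new InvalidArgumentException('invoices must decode to an array');
    }
    foreach ($data as $id) {
        if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
            throw new InvalidArgumentException('invalid invoice id');
        }
    }
    return array_map('intval', $data);
}

// Hardened option 2 (preferable for new code): carry the list as JSON, which has
// no object-instantiation semantics, and validate it the same way (PHP 8.1+).
function validate_safe_json(array $post): array
{
    $data = json_decode($post['invoices'] ?? '', true, 2, JSON_THROW_ON_ERROR);
    if (!is_array($data) || !array_is_list($data) || $data !== array_filter($data, 'is_int')) {
        throw new InvalidArgumentException('invoices must be a JSON array of integers');
    }
    return $data;
}

// Constructed hostile input: a serialized object of an arbitrary class name.
// The vulnerable handler would instantiate it; the hardened one rejects it.
$payload = 'O:9:"AnyGadget":1:{s:3:"cmd";s:2:"id";}';
try {
    validate_safe_unserialize(['invoices' => $payload]);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
```

For detection, a request whose "invoices" or "item-ext-ref" value begins with a serialized-object marker such as `O:` reaching these endpoints is a strong signal worth alerting on.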


[-] Proof of Concept:

https://karmainsecurity.com/pocs/CVE-2026-25614.php


[-] Solution:

Apply the vendor patch or upgrade to version 5.13.2 or later.


[-] Disclosure Timeline:

[19/01/2026] - Vendor notified

[22/01/2026] - CVE identifier requested

[28/01/2026] - Version 5.13.2 released

[31/01/2026] - Version 5.13.3 released to address regressions
introduced in 5.13.2

[03/02/2026] - CVE identifier assigned

[04/02/2026] - Public disclosure


[-] CVE Reference:

The Common Vulnerabilities and Exposures project (cve.org) has
assigned the name CVE-2026-25614 to these vulnerabilities.


[-] Credits:

Vulnerabilities discovered by Egidio Romano.


[-] Other References:

https://www.blesta.com/2026/01/28/security-advisory/


[-] Original Advisory:

https://karmainsecurity.com/KIS-2026-03
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/


