Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta2:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta3:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta4:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta5:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta6:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:beta7:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:rc1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.4:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.4:alpha2:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.4:beta1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.4:rc1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.6:alpha1:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.8:rc1:*:*:*:*:*:*"
],
"vendor_product": "chamilo:chamilo_lms",
"extracted_events": [
{
"introduced": "1.11.0-alpha2"
},
{
"last_affected": "1.11.0-alpha2"
},
{
"introduced": "1.11.0-beta1"
},
{
"last_affected": "1.11.0-beta1"
},
{
"introduced": "1.11.0-beta2"
},
{
"last_affected": "1.11.0-beta2"
},
{
"introduced": "1.11.0-beta3"
},
{
"last_affected": "1.11.0-beta3"
},
{
"introduced": "1.11.0-beta4"
},
{
"last_affected": "1.11.0-beta4"
},
{
"introduced": "1.11.0-beta5"
},
{
"last_affected": "1.11.0-beta5"
},
{
"introduced": "1.11.0-beta6"
},
{
"last_affected": "1.11.0-beta6"
},
{
"introduced": "1.11.0-beta7"
},
{
"last_affected": "1.11.0-beta7"
},
{
"introduced": "1.11.0-rc1"
},
{
"last_affected": "1.11.0-rc1"
},
{
"introduced": "1.11.4-alpha1"
},
{
"last_affected": "1.11.4-alpha1"
},
{
"introduced": "1.11.4-alpha2"
},
{
"last_affected": "1.11.4-alpha2"
},
{
"introduced": "1.11.4-beta1"
},
{
"last_affected": "1.11.4-beta1"
},
{
"introduced": "1.11.4-rc1"
},
{
"last_affected": "1.11.4-rc1"
},
{
"introduced": "1.11.6-alpha1"
},
{
"last_affected": "1.11.6-alpha1"
},
{
"introduced": "1.11.8-rc1"
},
{
"last_affected": "1.11.8-rc1"
}
],
"source": "CPE_STRING"
}
]
}{
"cpe": [
"cpe:2.3:a:chamilo:chamilo_lms:1.11.0:-:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.2:*:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.4:-:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.6:-:*:*:*:*:*:*",
"cpe:2.3:a:chamilo:chamilo_lms:1.11.8:-:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "1.11.0-NA"
},
{
"last_affected": "1.11.0-NA"
},
{
"introduced": "1.11.2"
},
{
"last_affected": "1.11.2"
},
{
"introduced": "1.11.4-NA"
},
{
"last_affected": "1.11.4-NA"
},
{
"introduced": "1.11.6-NA"
},
{
"last_affected": "1.11.6-NA"
},
{
"introduced": "1.11.8-NA"
},
{
"last_affected": "1.11.8-NA"
}
],
"source": [
"CPE_STRING",
"REFERENCES"
]
}