Vulnerability Details CVE-2011-10026
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.8%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/spree
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/spree_searchlogic_exec.rb
- https://web.archive.org/web/20111120023342/http://spreecommerce.com/blog/2011/04/19/security-fixes
- https://www.exploit-db.com/exploits/17199
- https://www.vulncheck.com/advisories/spreecommerce-api-rce
Products affected by CVE-2011-10026
-
cpe:2.3:a:spreecommerce:spree:0.0.1
-
cpe:2.3:a:spreecommerce:spree:0.0.2
-
cpe:2.3:a:spreecommerce:spree:0.0.3
-
cpe:2.3:a:spreecommerce:spree:0.0.4
-
cpe:2.3:a:spreecommerce:spree:0.0.5
-
cpe:2.3:a:spreecommerce:spree:0.0.6
-
cpe:2.3:a:spreecommerce:spree:0.0.7
-
cpe:2.3:a:spreecommerce:spree:0.0.8
-
cpe:2.3:a:spreecommerce:spree:0.0.9
-
cpe:2.3:a:spreecommerce:spree:0.10.0
-
cpe:2.3:a:spreecommerce:spree:0.10.1
-
cpe:2.3:a:spreecommerce:spree:0.10.2
-
cpe:2.3:a:spreecommerce:spree:0.11.0
-
cpe:2.3:a:spreecommerce:spree:0.11.1
-
cpe:2.3:a:spreecommerce:spree:0.11.2
-
cpe:2.3:a:spreecommerce:spree:0.11.3
-
cpe:2.3:a:spreecommerce:spree:0.11.4
-
cpe:2.3:a:spreecommerce:spree:0.11.99
-
cpe:2.3:a:spreecommerce:spree:0.2.0
-
cpe:2.3:a:spreecommerce:spree:0.30.0
-
cpe:2.3:a:spreecommerce:spree:0.30.1
-
cpe:2.3:a:spreecommerce:spree:0.30.2
-
cpe:2.3:a:spreecommerce:spree:0.4.0
-
cpe:2.3:a:spreecommerce:spree:0.4.1
-
cpe:2.3:a:spreecommerce:spree:0.40.0
-
cpe:2.3:a:spreecommerce:spree:0.40.1
-
cpe:2.3:a:spreecommerce:spree:0.40.2
-
cpe:2.3:a:spreecommerce:spree:0.40.3
-
cpe:2.3:a:spreecommerce:spree:0.40.4
-
cpe:2.3:a:spreecommerce:spree:0.5.0
-
cpe:2.3:a:spreecommerce:spree:0.5.1
-
cpe:2.3:a:spreecommerce:spree:0.50.0
-
cpe:2.3:a:spreecommerce:spree:0.6.0
-
cpe:2.3:a:spreecommerce:spree:0.7.0
-
cpe:2.3:a:spreecommerce:spree:0.7.1
-
cpe:2.3:a:spreecommerce:spree:0.8.0
-
cpe:2.3:a:spreecommerce:spree:0.8.1
-
cpe:2.3:a:spreecommerce:spree:0.8.2
-
cpe:2.3:a:spreecommerce:spree:0.8.3
-
cpe:2.3:a:spreecommerce:spree:0.8.4
-
cpe:2.3:a:spreecommerce:spree:0.8.5
-
cpe:2.3:a:spreecommerce:spree:0.9.0
-
cpe:2.3:a:spreecommerce:spree:0.9.1
-
cpe:2.3:a:spreecommerce:spree:0.9.2
-
cpe:2.3:a:spreecommerce:spree:0.9.3
-
cpe:2.3:a:spreecommerce:spree:0.9.4