Search criteria
2 vulnerabilities by Dokan
CVE-2024-3922 (GCVE-0-2024-3922)
Vulnerability from cvelistv5 – Published: 2024-06-13 02:05 – Updated: 2024-08-01 20:26
VLAI?
Title
Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection
Summary
The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity ?
10 (Critical)
Assigner
References
Credits
Villu Orav
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wedevs:dokan_pro:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "dokan_pro",
"vendor": "wedevs",
"versions": [
{
"lessThanOrEqual": "3.10.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3922",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T18:49:20.470257Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T18:53:29.967Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:26:57.135Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9de41de-f2f7-4b16-8ec9-d30bbd3d8786?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://dokan.co/docs/wordpress/changelog/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Dokan Pro",
"vendor": "wedevs",
"versions": [
{
"lessThanOrEqual": "3.10.3",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Villu Orav"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the \u0027code\u0027 parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T02:05:22.878Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d9de41de-f2f7-4b16-8ec9-d30bbd3d8786?source=cve"
},
{
"url": "https://dokan.co/docs/wordpress/changelog/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-06-11T00:00:00.000+00:00",
"value": "Disclosed"
}
],
"title": "Dokan Pro \u003c= 3.10.3 - Unauthenticated SQL Injection"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3922",
"datePublished": "2024-06-13T02:05:22.878Z",
"dateReserved": "2024-04-17T15:38:14.598Z",
"dateUpdated": "2024-08-01T20:26:57.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5410 (GCVE-0-2018-5410)
Vulnerability from cvelistv5 – Published: 2019-01-07 14:00 – Updated: 2024-08-05 05:33
VLAI?
Title
Dokan file system driver contains a stack-based buffer overflow
Summary
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
Severity ?
No CVSS data available.
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Dokan | Open Source File System |
Affected:
1.0.0.5000 , < 1.0.0.5000*
(custom)
Affected: 1.2.0.1000 , ≤ 1.2.0.1000 (custom) |
Credits
Thanks to Parvez Anwar for reporting this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:44.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#741315",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/741315/"
},
{
"name": "46155",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46155/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000"
},
{
"name": "106274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106274"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Open Source File System",
"vendor": "Dokan",
"versions": [
{
"lessThan": "1.0.0.5000*",
"status": "affected",
"version": "1.0.0.5000",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.0.1000",
"status": "affected",
"version": "1.2.0.1000",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Thanks to Parvez Anwar for reporting this vulnerability."
}
],
"datePublic": "2019-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-15T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#741315",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://kb.cert.org/vuls/id/741315/"
},
{
"name": "46155",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46155/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000"
},
{
"name": "106274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106274"
}
],
"solutions": [
{
"lang": "en",
"value": "Dokan developers have released a new version, 1.2.1, that fixes this vulnerability by validating the user input."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Dokan file system driver contains a stack-based buffer overflow",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2018-5410",
"STATE": "PUBLIC",
"TITLE": "Dokan file system driver contains a stack-based buffer overflow"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Open Source File System",
"version": {
"version_data": [
{
"affected": "\u003e=",
"version_affected": "\u003e=",
"version_name": "1.0.0.5000",
"version_value": "1.0.0.5000"
},
{
"affected": "\u003c=",
"version_affected": "\u003c=",
"version_name": "1.2.0.1000",
"version_value": "1.2.0.1000"
}
]
}
}
]
},
"vendor_name": "Dokan"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Thanks to Parvez Anwar for reporting this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#741315",
"refsource": "CERT-VN",
"url": "https://kb.cert.org/vuls/id/741315/"
},
{
"name": "46155",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46155/"
},
{
"name": "https://cwe.mitre.org/data/definitions/121.html",
"refsource": "MISC",
"url": "https://cwe.mitre.org/data/definitions/121.html"
},
{
"name": "https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000",
"refsource": "CONFIRM",
"url": "https://github.com/dokan-dev/dokany/releases/tag/v1.2.1.1000"
},
{
"name": "106274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106274"
}
]
},
"solution": [
{
"lang": "en",
"value": "Dokan developers have released a new version, 1.2.1, that fixes this vulnerability by validating the user input."
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2018-5410",
"datePublished": "2019-01-07T14:00:00",
"dateReserved": "2018-01-12T00:00:00",
"dateUpdated": "2024-08-05T05:33:44.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}