CVE-2011-10013

Scores

EPSS

0.600medium60.0%

0%20%40%60%80%100%

Percentile: 60.0%

CVSS

10.0critical4.0

0246810

CVSS Score: 10.0/10

All CVSS Scores

CVSS 4.0

10.0

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector Breakdown

CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics

CVSS

Attack Vector

Network (N)

Describes how the vulnerability is exploited

AV:N

Attack Complexity

Low (L)

Describes the conditions beyond the attacker's control

AC:L

Attack Requirements

None

AT:N

Privileges Required

None (N)

Describes the level of privileges an attacker must possess

PR:N

User Interaction

None (N)

Captures the requirement for a human user participation

UI:N

Vulnerable System Confidentiality

High (H)

Measures the impact to the confidentiality of information

VC:H

Vulnerable System Integrity

High (H)

Measures the impact to integrity of a successfully exploited vulnerability

VI:H

Vulnerable System Availability

High (H)

Measures the impact to the availability of the impacted component

VA:H

Subsequent System Confidentiality

High (H)

Measures the impact to the confidentiality of information

SC:H

Subsequent System Integrity

High (H)

Measures the impact to integrity of a successfully exploited vulnerability

SI:H

Subsequent System Availability

High (H)

Measures the impact to the availability of the impacted component

SA:H

Temporal Metrics

Exploit Code Maturity

Not Defined

E:X

Environmental Metrics

Confidentiality Requirement

Not Defined

CR:X

Integrity Requirement

Not Defined

IR:X

Availability Requirement

Not Defined

AR:X

Modified Attack Vector

Not Defined

Describes how the vulnerability is exploited

MAV:X

Modified Attack Complexity

Not Defined

Describes the conditions beyond the attacker's control

MAC:X

Modified Attack Requirements

Not Defined

MAT:X

Modified Privileges Required

Not Defined

Describes the level of privileges an attacker must possess

MPR:X

Modified User Interaction

Not Defined

Captures the requirement for a human user participation

MUI:X

Modified Vulnerable System Confidentiality

Not Defined

Measures the impact to the confidentiality of information

MVC:X

Modified Vulnerable System Integrity

Not Defined

Measures the impact to integrity of a successfully exploited vulnerability

MVI:X

Modified Vulnerable System Availability

Not Defined

Measures the impact to the availability of the impacted component

MVA:X

Modified Subsequent System Confidentiality

Not Defined

Measures the impact to the confidentiality of information

MSC:X

Modified Subsequent System Integrity

Not Defined

Measures the impact to integrity of a successfully exploited vulnerability

MSI:X

Modified Subsequent System Availability

Not Defined

Measures the impact to the availability of the impacted component

MSA:X

Description

Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

CWEs

CWE-94

Reference Links

https://github.com/nirix/traq/releases/tag/v2.3.1

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/traq_plugin_exec.rb

https://web.archive.org/web/20110729003039/https://traqproject.org/

https://www.exploit-db.com/exploits/18213

https://www.exploit-db.com/exploits/18239

https://www.vulncheck.com/advisories/traq-issue-tracking-system-rce