Impact
The vulnerability is a PHP code injection flaw (CWE-94) in the OpenCATS installer AJAX endpoint. An unauthenticated attacker can send a specially crafted payload in the databaseConnectivity the application to write malicious PHP code into its configuration files. Because the injected code is executed each time the installer wizard is not yet finished, the page loads.
Affected Systems
All installations of OpenCATS derived from the code base before commit 3002a29f4c3cada1aa2c4f3d4ae4e189906606b6 are impacted. No specific version numbers are listed, so any OpenCATS deployment prior to this update carries the vulnerability.
Risk and Exploitability
The CVSS score of 9.2 classifies the flaw the EPSS score of 22% indicates a moderate likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, but attackers only need HTTP access to the un with required, to inject code that will run on every subsequent request until the installer wizard completes. It is inferred that the attacker can send a crafted HTTP POST request to the AJAX endpoint without authentication to perform the injection.
OpenCVE Enrichment