vBulletin Authentication Bypass Vulnerability
漏洞信息
漏洞名称: vBulletin Authentication Bypass Vulnerability
漏洞编号:
- CVE: CVE-2025-48827
漏洞类型: 权限绕过
漏洞等级: 严重
漏洞描述: ### 受影响产品
vBulletin是一款广泛使用的论坛软件,支持多种社区功能,如帖子发布、用户管理等。它通常被部署在企业、教育机构和个人网站中,用于构建在线社区。由于其流行性,vBulletin的安全性对许多网站至关重要。
漏洞说明
此漏洞为权限绕过类型,具体存在于vBulletin 5.0.0至5.7.5以及6.0.0至6.0.3版本中。在PHP 8.1或更高版本的环境下,未经验证的攻击者可以远程调用受保护的API控制器方法,导致认证绕过。这一漏洞的技术根源在于对受保护方法的访问控制不足,使得攻击者能够绕过正常的认证流程。
影响分析
此漏洞的安全风险极高,被评为“严重”级别。攻击者利用此漏洞可以在未经验证的情况下执行受保护的操作,可能导致远程代码执行、数据泄露或其他恶意活动。由于漏洞允许未授权访问,攻击者可以无需任何认证即可利用,且可能自动化攻击过程,对受影响系统构成重大威胁。
产品厂商: vBulletin
产品名称: vBulletin
影响版本: 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3
搜索语法: http.html:”powered by vbulletin”
来源: https://github.com/projectdiscovery/nuclei-templates/issues/12506
类型: projectdiscovery/nuclei-templates:github issues
来源概述
Description:
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 contain an authentication bypass caused by unauthenticated access to protected API controllers on PHP 8.1 or later, letting unauthenticated attackers invoke protected methods remotely.
Severity: Critical
POC:
- https://karmainsecurity.com/dont-call-that-protected-method-vbulletin-rce
- https///github.com:wiseep/CVE-2025-48827.git
- https://github.com/wiseep/CVE-2025-48827
- https///github.com:0xgh057r3c0n/CVE-2025-48827.git
- https://github.com/0xgh057r3c0n/CVE-2025-48827
KEV: True
Shodan Query: http.html:"powered by vbulletin"
Acceptance Criteria: The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data(
-debug) along with the template to help the triage team with validation or can also share a vulnerable environment like docker file.
Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted. Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.
You can check the FAQ for the Nuclei Templates Community Rewards Program here.