CVE-2016-15044

23.07.2025, 22:15

A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe deserialization of user-controlled data within the keditorservices module. An unauthenticated remote attacker can exploit this issue by sending a specially crafted serialized PHP object in the kdata GET parameter to the redirectWidgetCmd endpoint. Successful exploitation leads to execution of arbitrary PHP code in the context of the web server process.

Code Injection

Provider	Type	Base Score	Vector
NIST	NIST	UNKNOWN	---
VulnCheck	CNA	---	---
CISA-ADP	ADP	---	---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 63%

Common Weakness Enumeration

CWE-94 - Improper Control of Generation of Code ('Code Injection')
The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/kaltura_unserialize_rce.rb

https://www.exploit-db.com/exploits/39563

https://www.exploit-db.com/exploits/40404

https://www.vulncheck.com/advisories/kaltura-php-object-injection-rce

https://www.exploit-db.com/exploits/39563