CVE-2020-26507

05.11.2020, 18:15

A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the Notes functionality in the main screen, an attacker can inject a payload into the Description field under the Insert To-Do option. Other users might download this data, for example a CSV file, and execute the malicious commands on their computer by opening the file using a software such as Microsoft Excel. The attacker could gain remote access to the users PC.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.8 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 58%

Vendor	Product	Version
marmind	marmind	4.1.141.0

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
The software saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software.

References

https://www.marmind.com/en/

https://www2.deloitte.com/de/de/pages/risk/articles/marmind-csv-injection.html

https://www.marmind.com/en/

https://www2.deloitte.com/de/de/pages/risk/articles/marmind-csv-injection.html