CVE-2023-36825

11.07.2023, 18:15

Orchid is a Laravel package that allows application development of back-office applications, admin/user panels, and dashboards. A vulnerability present starting in version 14.0.0-alpha4 and prior to version 14.5.0 is related to the deserialization of untrusted data from the `_state` query parameter, which can result in remote code execution. The issue has been addressed in version 14.5.0. Users are advised to upgrade their software to this version or any subsequent versions that include the patch. There are no known workarounds.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.6 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
GitHub_M	CNA	9.7 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 89%

Vendor	Product	Version
orchid	platform	14.0.1 ≤ 𝑥 < 14.5.0
orchid	platform	14.0.0
orchid	platform	14.0.0:alpha4
orchid	platform	14.0.0:alpha5
orchid	platform	14.0.0:alpha6
orchid	platform	14.0.0:alpha7

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-502 - Deserialization of Untrusted Data
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References

https://github.com/orchidsoftware/platform/releases/tag/14.5.0

https://github.com/orchidsoftware/platform/security/advisories/GHSA-ph6g-p72v-pc3p

https://github.com/orchidsoftware/platform/releases/tag/14.5.0

https://github.com/orchidsoftware/platform/security/advisories/GHSA-ph6g-p72v-pc3p