RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups     parameter. (CVE-2022-37155)

Note that Nessus relies on the presence of the package as reported by the vendor.

The remote Ubuntu 18.04 LTS / 20.04 LTS / 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7318-1 advisory.

    It was discovered that svg-sanitizer, vendored in SPIP, did not properly sanitize SVG/XML content. An     attacker could possibly use this issue to perform cross site scripting. This issue only affected Ubuntu     24.10. (CVE-2022-23638)

    It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use     this issue to perform cross site scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959)

    It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use     this issue to perform PHP injection attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960)

    It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use     this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28961)

    It was discovered that SPIP did not properly sanitize certain inputs. A remote authenticated attacker     could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS.
    (CVE-2022-37155)

    It was discovered that SPIP did not properly sanitize certain inputs. A remote attacker could possibly use     this issue to perform SQL injection attacks. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04     LTS. (CVE-2023-24258)

    It was discovered that SPIP did not properly handle serialization under certain circumstances. A remote     attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04     LTS and Ubuntu 20.04 LTS. (CVE-2023-27372)

    It was discovered that SPIP did not properly sanitize HTTP requests. A remote attacker could possibly use     this issue to execute arbitrary code. (CVE-2024-8517)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported version, the instance of SPIP CMS running on the remote web server is prior to 3.2.16 or 4.0.x prior to 4.0.8 or 4.1.X prior to 4.1.5. It is, therefore, affected by an Remote Code Execution via the _oups parameter.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number

ID	Name	Product	Family	Severity
255855	Linux Distros Unpatched Vulnerability : CVE-2022-37155	Nessus	Misc.	high
218738	Ubuntu 18.04 LTS / 20.04 LTS / 24.10 : SPIP vulnerabilities (USN-7318-1)	Nessus	Ubuntu Local Security Checks	critical
113843	SPIP CMS < 3.2.16 Remote Code Execution	Web App Scanning	Component Vulnerability	high
113842	SPIP CMS 4.0.x < 4.0.8 Remote Code Execution	Web App Scanning	Component Vulnerability	high
113841	SPIP CMS 4.1.x < 4.1.2 Remote Code Execution	Web App Scanning	Component Vulnerability	high

Detections

Analytics

CVE-2022-37155

high

Tenable Plugins

high

critical

high

high

high