CVE-2015-8562

Basic Information

CVE State: PUBLISHED
Reserved Date: December 15, 2015
Published Date: December 16, 2015
Last Updated: August 06, 2024
Vendor: Joomla!
Product: Joomla!
Description: Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
Tags: joomla, php, nuclei_scanner, metasploit_scanner

CVSS Scores

CVSS v2.0

7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploit Status

Exploited in the Wild: Yes (2015-12-16 21:00:00 UTC)

Known Exploited Vulnerability Information

Source: CVE
Added Date: 2015-12-16 21:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

joomla_http_header_rce

Type: metasploit • Created: Unknown

Metasploit module for CVE-2015-8562

guanjivip/CVE-2015-8562

Type: github • Created: 2020-07-25 07:05:28 UTC • Stars: 0

Not finished yet; I will come back and complete it after learning more.

VoidSec/Joomla_CVE-2015-8562

Type: github • Created: 2017-09-17 15:03:53 UTC • Stars: 9

A proof of concept for Joomla's CVE-2015-8562 vulnerability (Object Injection RCE)

paralelo14/CVE-2015-8562

Type: github • Created: 2017-01-08 12:59:16 UTC • Stars: 4

Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header

thejackerz/scanner-exploit-joomla-CVE-2015-8562

Type: github • Created: 2016-06-07 14:56:26 UTC • Stars: 0

RobinHoutevelts/Joomla-CVE-2015-8562-PHP-POC

Type: github • Created: 2016-01-04 22:27:06 UTC • Stars: 1

A proof of concept for Joomla's CVE-2015-8562 vulnerability

ZaleHack/joomla_rce_CVE-2015-8562

Type: github • Created: 2016-01-04 13:37:25 UTC • Stars: 8

All versions of Joomla! below 3.4.6 are known to be vulnerable. But exploitation is possible with PHP versions below 5.5.29, 5.6.13 and below 5.5.

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Nuclei

  • Detected by Metasploit