CVE-2019-16759

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Basic Information

CVE State: PUBLISHED
Reserved Date: September 24, 2019
Published Date: September 24, 2019
Last Updated: February 04, 2025
Vendor: n/a
Product: n/a
Description: vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

CVSS Scores

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2020-08-24 16:15:10 UTC) Source

References

https://seclists.org/fulldisclosure/2019/Sep/31 https://www.theregister.co.uk/2019/09/24/vbulletin_vbug_zeroday/ https://arstechnica.com/information-technology/2019/09/public-exploit-code-spawns-mass-attacks-against-high-severity-vbulletin-bug/ http://packetstormsecurity.com/files/154623/vBulletin-5.x-0-Day-Pre-Auth-Remote-Command-Execution.html http://packetstormsecurity.com/files/154648/vBulletin-5.x-Pre-Auth-Remote-Code-Execution.html http://packetstormsecurity.com/files/155633/vBulletin-5.5.4-Remote-Command-Execution.html http://packetstormsecurity.com/files/158830/vBulletin-5.x-Remote-Code-Execution.html http://packetstormsecurity.com/files/158829/vBulletin-5.x-Remote-Code-Execution.html http://seclists.org/fulldisclosure/2020/Aug/5 http://packetstormsecurity.com/files/158866/vBulletin-5.x-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vbulletin_widgetconfig_rce.rb	2025-04-29 11:01:24 UTC
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-16759.yaml	2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

vbulletin_widgetconfig_rce

Type: metasploit • Created: Unknown

Metasploit module for CVE-2019-16759

fxp0-4tx/CVE-2019-16759

Type: github • Created: 2020-11-29 06:19:36 UTC • Stars: 0

Vbulletin RCE Exploits

sunian19/CVE-2019-16759

Type: github • Created: 2020-08-24 16:15:10 UTC • Stars: 1

0xdims/CVE-2019-16759

Type: github • Created: 2020-08-16 18:17:33 UTC • Stars: 5

This tools will extracts and dumps Email + SMTP from vBulletin database server

nako48/CVE-2019-16759

Type: github • Created: 2020-08-13 19:11:37 UTC • Stars: 1

Vbulletin RCE Exploit

FarjaalAhmad/CVE-2019-16759

Type: github • Created: 2019-10-12 18:51:16 UTC • Stars: 3

Interactive-Like Command-Line Console for CVE-2019-16759

jas502n/CVE-2019-16759

Type: github • Created: 2019-09-26 03:56:22 UTC • Stars: 21

vBulletin 5.x 未授权远程代码执行漏洞

r00tpgp/http-vuln-CVE-2019-16759

Type: github • Created: 2019-09-26 03:27:17 UTC • Stars: 3

Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759

M0sterHxck/CVE-2019-16759-Vbulletin-rce-exploit

Type: github • Created: 2019-09-25 16:12:27 UTC • Stars: 5

Vbulletin rce exploit CVE-2019-16759