CVE-2021-29440: Twig allowing dangerous PHP functions by default
First published: Tue Apr 13 2021(Updated: )
Grav is a file based Web-platform. Twig processing of static pages can be enabled in the front matter by any administrative user allowed to create or edit pages. As the Twig processor runs unsandboxed, this behavior can be used to gain arbitrary code execution and elevate privileges on the instance. The issue was addressed in version 1.7.11.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Getgrav Grav | <1.7.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-29440?
CVE-2021-29440 is a vulnerability in the Grav CMS that allows arbitrary code execution and privilege escalation.
What is the severity of CVE-2021-29440?
CVE-2021-29440 has a severity rating of high, with a score of 7.2.
How can CVE-2021-29440 be exploited?
CVE-2021-29440 can be exploited by enabling Twig processing of static pages in the front matter, which allows an administrative user to execute arbitrary code and elevate privileges.
Which versions of Grav are affected by CVE-2021-29440?
Grav versions up to and excluding 1.7.11 are affected by CVE-2021-29440.
Is there a fix for CVE-2021-29440?
Yes, upgrading to Grav version 1.7.11 or newer is the recommended fix for CVE-2021-29440.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/author
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/getgrav
- canonical/getgrav grav