CVE-2021-3129 Laravel Remote code execution

The Ambionics Security team found a remote code execution vulnerability in the Laravel framework. It is tracked as CVE-2021-3129.

Vulnerability Detail

The vulnerability exists because, when debug mode is enabled, certain endpoints of Ignition (the error page component bundled with Laravel) do not strictly validate the input they receive. An attacker can use a crafted log file to trigger phar deserialization, leading to remote code execution and ultimately full control of the server.

Affected version

  • Laravel < 8.4.3
  • Facade ignition < 2.5.2
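As an added triage check (not part of this advisory or of the Ambionics tooling), the script below reads a project's composer.lock and .env, compares the pinned laravel/framework and facade/ignition versions against the fixed releases listed above, and reports whether APP_DEBUG leaves the Ignition code path exposed. The composer.lock and .env contents are constructed samples.

```python
import json
import re

# Fixed releases taken from the affected-version list above:
# anything below these is in the affected range.
FIXED = {
    "laravel/framework": (8, 4, 3),
    "facade/ignition": (2, 5, 2),
}

def parse_version(v):
    """Turn 'v8.4.2' or '8.4.2-beta' into a comparable tuple of ints."""
    core = re.match(r"v?(\d+)\.(\d+)\.(\d+)", v.strip())
    if not core:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(x) for x in core.groups())

def installed_versions(composer_lock_text):
    """Map package name -> pinned version for every entry in composer.lock."""
    lock = json.loads(composer_lock_text)
    out = {}
    for section in ("packages", "packages-dev"):  # Ignition is often a dev dependency
        for pkg in lock.get(section, []):
            out[pkg["name"]] = pkg["version"]
    return out

def debug_enabled(env_text):
    """True if APP_DEBUG in a .env file is set to a truthy value."""
    for line in env_text.splitlines():
        m = re.match(r"\s*APP_DEBUG\s*=\s*['\"]?(\w+)", line)
        if m:
            return m.group(1).lower() in ("true", "1", "yes", "on")
    return False  # Laravel's config/app.php defaults APP_DEBUG to false

def assess(composer_lock_text, env_text):
    """Return a list of findings for this deployment against CVE-2021-3129."""
    findings = []
    versions = installed_versions(composer_lock_text)
    for name, fixed in FIXED.items():
        if name in versions and parse_version(versions[name]) < fixed:
            findings.append(f"{name} {versions[name]} is below the fixed release "
                            f"{'.'.join(map(str, fixed))}")
    if findings and debug_enabled(env_text):
        findings.append("APP_DEBUG=true: Ignition's debug endpoints are reachable, "
                        "so the vulnerable code path is exposed")
    return findings

# Constructed sample inputs, not taken from any real deployment.
SAMPLE_LOCK = json.dumps({"packages": [
    {"name": "laravel/framework", "version": "v8.4.2"},
    {"name": "facade/ignition", "version": "2.5.1"}]})
SAMPLE_ENV = "APP_NAME=demo\nAPP_ENV=production\nAPP_DEBUG=true\n"

if __name__ == "__main__":
    for finding in assess(SAMPLE_LOCK, SAMPLE_ENV):
        print("FINDING:", finding)
```

Run it from the project root against the real files (`assess(open("composer.lock").read(), open(".env").read())`); an empty list means both packages are at or above the fixed releases.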

Solution

The latest security patch has been released. Affected users are advised to upgrade the Laravel framework and the Ignition package to the fixed versions.

Working Exploit Script

https://github.com/ambionics/laravel-exploits