This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Kaltura's `getUserzoneCookie` function is vulnerable. π **Consequences**: Attackers can bypass security protections and inject/execute arbitrary PHP code.β¦
π‘οΈ **Root Cause**: Improper input validation in the `getUserzoneCookie` function. π **Flaw**: The system fails to sanitize the `userzone` cookie, allowing malicious payloads to be processed as code.β¦
π’ **Vendor**: Kaltura (US-based online video platform). π¦ **Affected Versions**: Versions **prior to 13.2.0**. π **Published**: Sept 19, 2017. β οΈ **Note**: Any version < 13.2.0 is at risk.
Q4What can hackers do? (Privileges/Data)
π» **Privileges**: Remote Code Execution (RCE). π΅οΈ **Action**: Hackers can execute arbitrary PHP code on the server. π **Data**: Potential full access to server data, user data, and platform control.β¦
π₯ **Public Exp?**: **YES**. π **References**: Exploit-DB IDs **43876** and **43028** are listed. π **Status**: Wild exploitation is possible as PoCs are available. π **Risk**: High due to accessible exploits.
Q7How to self-check? (Features/Scanning)
π **Check**: Scan for Kaltura instances. πͺ **Indicator**: Look for usage of `userzone` cookies in requests. π‘ **Tool**: Use scanners targeting Kaltura < 13.2.0. π **Verify**: Check version number against 13.2.0.
Q8Is it fixed officially? (Patch/Mitigation)
π οΈ **Fix**: **YES**. π **Patch**: Upgrade to **Kaltura 13.2.0** or later. π **Source**: Official commit `6a6d14328b7a1493e8c47f9565461e5f88be20c9` confirms the fix. β **Action**: Immediate update required.
Q9What if no patch? (Workaround)
π§ **Workaround**: If patching is delayed, restrict access to Kaltura endpoints. π **Mitigation**: Implement WAF rules to block malicious `userzone` cookie patterns. π **Limit**: Reduce exposure to untrusted networks.β¦