This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: OS Command Injection in YouPHPTube Encoder. π₯ **Consequences**: Attackers can execute arbitrary system commands, leading to full server compromise.
Q2Root Cause? (CWE/Flaw)
π‘οΈ **Root Cause**: CWE-78 (OS Command Injection). π **Flaw**: The `base64Url` parameter in `/objects/getSpiritsFromVideo.php` fails to filter special characters before passing to the OS.
Q3Who is affected? (Versions/Components)
π¦ **Affected**: YouPHPTube Encoder. π **Version**: Specifically version **2.3**. π **Component**: The `getImageMP4.php` file is also noted as vulnerable in PoCs.
Q4What can hackers do? (Privileges/Data)
π **Privileges**: Commands run with the web server's privileges. π **Data**: Potential full read/write access to server files, data exfiltration, or lateral movement.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **LOW**. π« **Auth**: Unauthenticated. π **Config**: No login required to trigger the injection via the vulnerable parameter.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Exploit**: **YES**. π **PoC**: Public Nuclei template available on GitHub. π **Wild Exploit**: Known to be exploitable by attackers without prior access.
Q7How to self-check? (Features/Scanning)
π **Check**: Scan for YouPHPTube Encoder v2.3. π§ͺ **Test**: Inject payloads into the `base64Url` parameter of `/objects/getSpiritsFromVideo.php` or `getImageMP4.php`.