This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: InPost Gallery < 2.1.4.1 has a Path Traversal/LFI vulnerability. <br>π₯ **Consequences**: Attackers can force inclusion of malicious files/URLs, leading to **Remote Code Execution (RCE)** on the server.β¦
π οΈ **Root Cause**: Insecure use of PHP's `extract()` function. <br>β οΈ **Flaw**: When rendering HTML views, user input is not sanitized before extraction, allowing variable injection.β¦
π **Threshold**: **LOW**. <br>π **Auth**: Unauthenticated (No credentials required). <br>βοΈ **Config**: Exploitable via standard HTTP requests to the plugin's HTML rendering endpoints. Easy to trigger. π
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Public Exp?**: **YES**. <br>π οΈ **Tools**: <br>1. **INPGer**: Automatic mass checking tool (GitHub: im-hanzou). <br>2. **Nuclei**: Template available (projectdiscovery).β¦
π **Self-Check**: <br>1. Scan for InPost Gallery plugin version. <br>2. Use **Nuclei** with CVE-2022-4063 template. <br>3. Check for LFI indicators in HTTP responses. <br>4.β¦
π‘οΈ **Fixed?**: **YES**. <br>π¦ **Patch**: Update InPost Gallery to version **2.1.4.1 or later**. <br>β **Mitigation**: Official update resolves the `extract()` insecurity. π
Q9What if no patch? (Workaround)
π§ **No Patch?**: <br>1. **Disable/Remove** the InPost Gallery plugin immediately. <br>2. Restrict access to WordPress admin/plugins via WAF. <br>3. Monitor logs for LFI/RCE attempts. π Critical workaround.
Q10Is it urgent? (Priority Suggestion)
π¨ **Urgency**: **CRITICAL**. <br>β³ **Priority**: **P0 - Immediate Action**. <br>π’ **Reason**: Unauthenticated RCE + Public PoCs + High Impact. Patch immediately or disable plugin. β° Time-sensitive.