Untriaged
Permalink
CVE-2025-11344
6.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
ILIAS Certificate Import Remote Code Execution
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2 addresses this issue. It is recommended to upgrade the affected component.
References
- VDB-327229 | ILIAS Certificate Import Remote Code Execution vdb-entry
- VDB-327229 | CTI Indicators (IOB, IOC) signature permissions-required
- Submit #664889 | ILIAS open source e-Learning e. V. ILIAS >=8.0.0, <=10.1 Unrestricted Upload third-party-advisory
- https://docu.ilias.de/go/blog/15821/882 related
- VDB-327229 | ILIAS Certificate Import code injection vdb-entry technical-description
- VDB-327229 | CTI Indicators (IOB, IOC, TTP) signature permissions-required
- Submit #664889 | ILIAS open source e-Learning e. V. ILIAS >=8.0.0, <=10.1 Unrestricted Upload third-party-advisory
- https://docu.ilias.de/go/blog/15821/882 related
- VDB-327229 | ILIAS Certificate Import code injection vdb-entry technical-description
- VDB-327229 | CTI Indicators (IOB, IOC, TTP) signature permissions-required
- Submit #664889 | ILIAS open source e-Learning e. V. ILIAS >=8.0.0, <=10.1 Unrestricted Upload third-party-advisory
- https://docu.ilias.de/go/blog/15821/882 related
- https://srlabs.de/blog/breaking-ilias-part-2-three-to-rce
Affected products
ILIAS
- ==8.3
- ==8.9
- ==8.14
- ==9.9
- ==8.11
- ==9.12
- ==10.0
- ==8.1
- ==9.11
- ==8.22
- ==8.24
- ==8.7
- ==9.4
- ==8.8
- ==8.2
- ==8.13
- ==8.15
- ==8.4
- ==8.17
- ==8.5
- ==9.1
- ==8.20
- ==8.10
- ==9.6
- ==9.10
- ==8.21
- ==8.16
- ==9.0
- ==9.3
- ==9.13
- ==8.19
- ==9.7
- ==9.8
- ==9.5
- ==10.2
- ==8.23
- ==8.12
- ==10.1
- ==8.0
- ==9.14
- ==9.2
- ==8.6
- ==8.18
Matching in nixpkgs
pkgs.biliass
Convert Bilibili XML/protobuf danmaku to ASS subtitle
pkgs.python312Packages.biliass
Convert Bilibili XML/protobuf danmaku to ASS subtitle
pkgs.python313Packages.biliass
Convert Bilibili XML/protobuf danmaku to ASS subtitle
Package maintainers
-
@linsui linsui <linsui555@gmail.com>