{"id":6223,"date":"2024-02-26T21:41:46","date_gmt":"2024-02-26T20:41:46","guid":{"rendered":"https:\/\/sajberinfo.com\/?p=6223"},"modified":"2024-02-26T21:41:46","modified_gmt":"2024-02-26T20:41:46","slug":"wordpress-bricks-builder-theme-ranjivost","status":"publish","type":"post","link":"https:\/\/sajberinfo.com\/en\/2024\/02\/26\/wordpress-bricks-builder-theme-ranjivost\/","title":{"rendered":"WordPress Bricks Builder Theme vulnerability"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">A <em>WordPress Bricks Builder Theme<\/em> vulnerability is being actively exploited to run arbitrary <em>PHP<\/em> code on vulnerable installations. The flaw, tracked as <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2024-25600\" target=\"_blank\" rel=\"noopener\"><em>CVE-2024-25600<\/em><\/a> (<em>CVSS<\/em> score: <em>9.8<\/em>), allows <a href=\"https:\/\/sajberinfo.com\/en\/2022\/03\/19\/hakeri-crni-sesiri-epizoda-3\/\" target=\"_blank\" rel=\"nofollow noopener\">unauthenticated attackers<\/a> to achieve remote code execution and affects <em>Bricks<\/em> version <em>1.9.6<\/em> and earlier.<\/span><\/p>\n<div id=\"attachment_6226\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img class=\"size-full wp-image-6226\" src=\"https:\/\/sajberinfo.com\/wp-content\/uploads\/2024\/02\/Bricks-Builder-Theme.jpg\" alt=\"Bricks Builder\" width=\"1024\" height=\"1024\" \/><p id=\"caption-attachment-6226\" class=\"wp-caption-text\"><em>WordPress Bricks Builder Theme vulnerability; Source: Bing Image Creator<\/em><\/p><\/div>\n<h2><span class=\"ez-toc-section\" id=\"BRICKS_BUILDER_THEME\"><\/span><span style=\"font-size: 14pt;\"><strong><em>BRICKS BUILDER THEME<\/em><\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>Bricks Builder Theme<\/em> (the premium version) is estimated to have around 25,000 active installations and is a popular choice for building premium websites. <em>Bricks Builder<\/em> is promoted as an innovative, community-driven visual site builder for <em>WordPress<\/em>. The theme lets users design unique, efficient and scalable websites with a no-code approach.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"BRICKS_BUILDER_RANJIVOST\"><\/span><span style=\"font-size: 14pt;\"><strong><em>BRICKS BUILDER <\/em>VULNERABILITY<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>CVE-2024-25600<\/em> allows unauthenticated attackers to achieve remote code execution and affects <em>Bricks<\/em> version <em>1.9.6<\/em> and earlier. <a href=\"https:\/\/snicco.io\/vulnerability-disclosure\/bricks\/unauthenticated-rce-in-bricks-1-9-6\" target=\"_blank\" rel=\"noopener\"><em>Snicco<\/em><\/a> and <a href=\"https:\/\/patchstack.com\/articles\/critical-rce-patched-in-bricks-builder-theme\/\" target=\"_blank\" rel=\"noopener\"><em>Patchstack<\/em><\/a> have published technical details, noting that the vulnerable code lives in the <em>prepare_query_vars_from_settings()<\/em> function.<\/span><\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cThe flaw was identified in the &#8216;prepare_query_vars_from_settings&#8217; function, which is called from various processes in the code, including the Bricks\\Query class, which handles the rendering of WordPress post queries and makes use of the PHP eval function.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>&#8211; Calvin Alkan, snicco &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;\">Specifically, the theme relies on security tokens called \u201c<em>nonces<\/em>\u201d to verify permissions; the same tokens can then be used to pass arbitrary commands for execution, effectively letting a malicious actor take control of the target site. The nonce value is publicly exposed on the frontend of the <em>WordPress<\/em> site, and no adequate role checks are applied.<\/span><\/p>\n<p>&nbsp;<\/p>\n<blockquote><p><span style=\"font-size: 14pt;\"><em>\u201cNever rely on nonces for authentication, authorization, or access control. Protect your functions using current_user_can(), and always assume nonces can be compromised.\u201d<\/em><\/span><\/p>\n<p style=\"text-align: right;\"><span style=\"font-size: 14pt;\"><em>&#8211; <\/em><a href=\"https:\/\/developer.wordpress.org\/apis\/security\/nonces\/\" target=\"_blank\" rel=\"noopener\"><em>WordPress documentation<\/em><\/a><em> &#8211;<\/em><\/span><\/p>\n<\/blockquote>\n<p>&nbsp;<\/p>\n<p><span style=\"font-size: 14pt;\">Because the function checks only the nonce, and <em>Bricks<\/em> prints a valid nonce on the frontend of the <em>WordPress<\/em> site even for unauthenticated visitors, an attacker can simply pick up the nonce and trigger remote code execution (<em>RCE<\/em>). Remote code execution can lead to a range of malicious activity, including installing <a href=\"https:\/\/sajberinfo.com\/en\/2021\/09\/26\/malware\/\" target=\"_blank\" rel=\"nofollow noopener\">malware<\/a> or a <a href=\"https:\/\/sajberinfo.com\/en\/2023\/04\/11\/backdoor\/\" target=\"_blank\" rel=\"nofollow noopener\">backdoor<\/a>, stealing sensitive data, website defacement and using the server to launch further attacks.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZAKLJUCAK\"><\/span><span style=\"font-size: 14pt;\"><strong>CONCLUSION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\"><em>WordPress<\/em> is the most widely used website platform in the world and, as such, a favourite target for malicious actors. The core platform is generally considered secure; its plugins and themes, free and commercial alike, are the weakest link. The good news with commercial products is that they are actively maintained and flaws such as this one are fixed quickly.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">This incident is a reminder of the constant threat posed by vulnerabilities in <em>WordPress<\/em> themes and plugins, and of the need for site administrators to stay alert, update their software regularly and apply robust security measures to protect against such threats.<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"ZASTITA\"><\/span><span style=\"font-size: 14pt;\"><strong>PROTECTION<\/strong><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-size: 14pt;\">To protect themselves, site administrators are advised to take the following steps:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 14pt;\">Update the <em>Bricks Builder<\/em> theme to version 1.9.6.1 or later without delay,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Monitor the site for any suspicious activity and regularly check for updates and patches for all installed themes and plugins,<\/span><\/li>\n<li><span style=\"font-size: 14pt;\">Protect the site with robust security measures, including firewalls, security plugins and regular <a href=\"https:\/\/sajberinfo.com\/en\/2020\/11\/02\/rezervna-kopija-i-cuvanje-podataka\/\" target=\"_blank\" rel=\"nofollow noopener\">backups<\/a>.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 14pt;\">Because the flaw is being exploited in the wild, updating does not undo a compromise that has already happened: a site that ran a vulnerable version while exposed to the internet should also be checked for unexpected administrator accounts, modified theme or plugin files and web shells.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>A WordPress Bricks Builder Theme vulnerability is being actively exploited to run arbitrary PHP code on vulnerable installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), allows unauthenticated attackers to achieve remote code execution and affects&#46;&#46;&#46;<\/p>","protected":false},"author":1,"featured_media":6226,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[142,837,93,839,288,841,840,259,838],"class_list":["post-6223","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-hronike","tag-backdoor","tag-bricks-builder","tag-malware","tag-nonces","tag-php","tag-rce","tag-remote-code-execution","tag-wordpress","tag-wordpress-theme"],"_links":{"self":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/comments?post=6223"}],"version-history":[{"count":0,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/posts\/6223\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media\/6226"}],"wp:attachment":[{"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/media?parent=6223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/categories?post=6223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sajberinfo.com\/en\/wp-json\/wp\/v2\/tags?post=6223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
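The article's vulnerability section describes the root cause in general terms: a handler that gates on a WordPress nonce (which the theme prints into the public frontend), then passes request-supplied settings into eval(). The WordPress documentation quote gives the fix in one line: authorize with current_user_can(). The following PHP is an added illustration of both halves, written for this page; it is not Bricks' code and not code from the Snicco or Patchstack write-ups. The admin-ajax action names (demo_render_query_vuln, demo_render_query), the nonce action string, and the settings[query_code] field are hypothetical choices for the example; the WordPress functions it calls (wp_verify_nonce, check_ajax_referer, current_user_can, wp_send_json_success/error, sanitize_key, absint) are real core APIs, so the snippet runs as a must-use plugin inside a WordPress install.

```php
<?php
/**
 * Added example (not Bricks' code): a nonce-only gate in front of eval(),
 * beside a capability-gated, eval-free equivalent.
 *
 * Hypothetical names chosen for this illustration: the admin-ajax actions
 * "demo_render_query_vuln" and "demo_render_query", the nonce action
 * "demo-query-nonce", and a POST array "settings" with a "query_code" key.
 * Drop the file into wp-content/mu-plugins/ to load it inside WordPress.
 */

// --- Vulnerable pattern -----------------------------------------------------
// wp_verify_nonce() only proves that the caller holds a nonce WordPress issued
// for this action. When that nonce is rendered into the public frontend, every
// visitor has it, so the check passes for an unauthenticated request and
// attacker-controlled settings reach eval().
function demo_render_query_vuln() {
    $nonce = isset( $_POST['nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['nonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'demo-query-nonce' ) ) {
        wp_send_json_error( 'bad nonce', 403 );
    }

    $settings   = isset( $_POST['settings'] ) ? (array) wp_unslash( $_POST['settings'] ) : array();
    $query_vars = array();
    if ( ! empty( $settings['query_code'] ) ) {
        // Arbitrary PHP supplied in the request body is executed here.
        $query_vars = eval( 'return ' . $settings['query_code'] . ';' );
    }
    wp_send_json_success( $query_vars );
}
// The nopriv hook makes the endpoint reachable without any login at all.
add_action( 'wp_ajax_demo_render_query_vuln', 'demo_render_query_vuln' );
add_action( 'wp_ajax_nopriv_demo_render_query_vuln', 'demo_render_query_vuln' );

// --- Hardened pattern -------------------------------------------------------
function demo_render_query() {
    // 1. Keep the nonce check: it is CSRF protection, not authorization.
    check_ajax_referer( 'demo-query-nonce', 'nonce' );

    // 2. Authorize with a capability. A visitor who scraped the nonce from the
    //    page source fails here regardless of what else they send.
    if ( ! current_user_can( 'edit_posts' ) ) {
        wp_send_json_error( 'insufficient privileges', 403 );
    }

    // 3. Never eval() settings: build the query array from an allow-list of
    //    keys, each run through a type-appropriate sanitizer.
    $settings = isset( $_POST['settings'] ) ? (array) wp_unslash( $_POST['settings'] ) : array();
    wp_send_json_success( demo_build_query_vars( $settings ) );
}
// Deliberately no wp_ajax_nopriv_ hook: anonymous callers never reach the handler.
add_action( 'wp_ajax_demo_render_query', 'demo_render_query' );

/**
 * Turn untrusted settings into WP_Query arguments without executing anything.
 * Unknown keys are dropped; known keys are coerced to the expected shape.
 */
function demo_build_query_vars( array $settings ) {
    $allowed = array(
        'post_type'      => 'sanitize_key',
        'posts_per_page' => 'absint',
        'orderby'        => 'sanitize_key',
        'order'          => 'strtoupper',
    );
    $query_vars = array();
    foreach ( $allowed as $key => $sanitizer ) {
        if ( isset( $settings[ $key ] ) && is_scalar( $settings[ $key ] ) ) {
            $query_vars[ $key ] = call_user_func( $sanitizer, (string) $settings[ $key ] );
        }
    }
    if ( isset( $query_vars['order'] ) && ! in_array( $query_vars['order'], array( 'ASC', 'DESC' ), true ) ) {
        unset( $query_vars['order'] );
    }
    if ( isset( $query_vars['posts_per_page'] ) ) {
        $query_vars['posts_per_page'] = min( 100, max( 1, $query_vars['posts_per_page'] ) );
    }
    return $query_vars;
}
```

Against the vulnerable handler, a POST to admin-ajax.php with action=demo_render_query_vuln, a nonce copied from the page source and settings[query_code] set to any PHP expression is enough; the hardened handler answers the same request with 403 before a single setting is read, because the capability check, not the nonce, is what decides who may execute. This pattern is a general hardening for custom AJAX endpoints; for the Bricks flaw itself the only fix is updating the theme.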