📄 LEPTON 7.4.0 Remote Code Execution_PACKETSTORM:211037

Description

LEPTON CMS version 7.4.0 contains a remote...

Basic Information

ID PACKETSTORM:211037

Published Oct 30, 2025 at 00:00

Affected Product

Affected Versions # Exploit Title: LEPTON 7.4.0 Remote Code Execution (RCE)
# Exploit Author: tmrswrr /Hulya KARABAG
# Vendor Homepage: https://lepton-cms.org/
# Software Link: https://lepton-cms.org/media/download_gallery/LEPTON_stable_7.4.0.zip
# Version : LEPTON 7.4.0 stable
# Date: October 29, 2025

## Vulnerability Description

LEPTON CMS version 7.4.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands through the Droplets functionality. This vulnerability arises from improper input validation and execution control within the Droplets feature.

## Proof of Concept

### Prerequisites
- Valid administrator credentials
- Access to the LEPTON CMS administrative interface

### Exploitation Steps

1. Authentication
- Log into the LEPTON CMS administration panel with administrator privileges

2. Access Droplets Management
- Navigate to: Menu > Administration > Admin-Tools
- Select the "Droplets" option

3. Create Malicious Droplet
- Click "Create New"
- Enter a droplet name (e.g., `malicious-droplet`)
- In the code field, insert the payload:

echo system('id');

- Click "Save and Back" to store the droplet

4. Trigger Execution
- Edit or create any page within the CMS
- In the content editor, insert the droplet using the syntax:

[[malicious-droplet]]

- Save the page modifications

5. Verify Exploitation
- Preview or visit the modified page
- The system command output will be displayed, confirming successful code execution

{
    "lastseen": "2025-10-30T15:15:49",
    "description": "LEPTON CMS version 7.4.0 contains a remote...",
    "published": "2025-10-30T00:00:00",
    "modified": "2025-10-30T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 LEPTON 7.4.0 Remote Code Execution",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:211037",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [],
    "sourceData": "# Exploit Title:  LEPTON 7.4.0 Remote Code Execution (RCE) \n    # Exploit Author: tmrswrr /Hulya KARABAG\n    # Vendor Homepage: https://lepton-cms.org/\n    # Software Link: https://lepton-cms.org/media/download_gallery/LEPTON_stable_7.4.0.zip\n    # Version : LEPTON 7.4.0 stable\n    # Date: October 29, 2025  \n    \n    \n    ## Vulnerability Description\n    \n    LEPTON CMS version 7.4.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands through the Droplets functionality. This vulnerability arises from improper input validation and execution control within the Droplets feature.\n    \n    ## Proof of Concept\n    \n    ### Prerequisites\n    - Valid administrator credentials\n    - Access to the LEPTON CMS administrative interface\n    \n    ### Exploitation Steps\n    \n    1. Authentication\n       - Log into the LEPTON CMS administration panel with administrator privileges\n    \n    2. Access Droplets Management\n       - Navigate to: Menu > Administration > Admin-Tools\n       - Select the \"Droplets\" option\n    \n    3. Create Malicious Droplet\n       - Click \"Create New\"\n       - Enter a droplet name (e.g., `malicious-droplet`)\n       - In the code field, insert the payload:\n       \n          \n         echo system('id');\n          \n       - Click \"Save and Back\" to store the droplet\n    \n    4. Trigger Execution\n       - Edit or create any page within the CMS\n       - In the content editor, insert the droplet using the syntax:\n         \n         [[malicious-droplet]]\n         \n       - Save the page modifications\n    \n    5. Verify Exploitation\n       - Preview or visit the modified page\n       - The system command output will be displayed, confirming successful code execution",
    "sourceHref": "https://packetstorm.news/download/211037",
    "cvss": {
        "score": 0,
        "severity": "NONE",
        "vector": "NONE",
        "version": "NONE"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/211037/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply