CVE-2014-2279

Name of the Vulnerable Software and Affected Versions SeedDMS versions prior to 4.3.4

Description The issue allows remote authenticated users with access to the LogManagement functionality to read arbitrary files via a .. (dot dot) in the logname parameter to "out/out.LogManagement.php". Additionally, remote attackers can write to arbitrary files via a .. (dot dot) in the fileId parameter to "op/op.AddFile2.php". This can potentially be leveraged to execute arbitrary code.

Recommendations For versions prior to 4.3.4, update to version 4.3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the LogManagement functionality and the op.AddFile2.php endpoint to minimize the risk of exploitation. Avoid using the logname and fileId parameters in the affected endpoints until the issue is resolved.