PT-2017-13967 · Qualiteam · X-Cart

Published 2017-10-12 · Updated 2017-11-03 · CVE-2017-15285

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: X-Cart versions 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3

Description: The issue is caused by the application's failure to check the extension of a remote file before saving it locally, which allows Remote Code Execution. It can be exploited by users with Vendor access or higher. An example attack involves uploading an image file to a product catalog's Attachments section, then uploading a .php file using the "Add File Via URL" action, and finally changing the image's Description URL to reference the .php file in the attachments/ directory.

Recommendations: For versions 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3, restrict access to the "Add File Via URL" action and to the Attachments section until a fix is available; as a temporary workaround, disable the ability to upload files via URL in the product catalog altogether. Restrict access to the attachments/ directory to minimize the risk of exploitation.
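The root cause named in the description is a missing server-side check on the name and content of a file fetched by URL. The following is an added example of such a check, written for this page and not taken from X-Cart's code base; it assumes the feature is only meant to accept image attachments, that the fetched body is already in memory (no network access is performed here), and the function names, the allowlist and the sample inputs are all constructed for illustration.

```php
<?php
// Added example (not X-Cart code): validate a "file via URL" upload before it
// is written under attachments/. Assumptions: only images are legitimate
// attachments, and the remote body has already been fetched into $body.

declare(strict_types=1);

// Allowlist of final extensions, and the MIME types finfo may report for each.
const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif'];
const ALLOWED_MIME = [
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'png'  => ['image/png'],
    'gif'  => ['image/gif'],
];

/**
 * Derive a safe local file name from a remote URL.
 * Returns null when the name must be rejected.
 */
function safeLocalName(string $url): ?string
{
    $path = parse_url($url, PHP_URL_PATH);
    if (!is_string($path) || $path === '') {
        return null;
    }
    // Keep only the last path segment and a conservative character set,
    // so the result can never contain "../" or a directory separator.
    $base = basename(rawurldecode($path));
    $base = preg_replace('/[^A-Za-z0-9._-]/', '_', $base);
    if ($base === null || $base === '' || $base[0] === '.') {
        return null;
    }
    // Exactly one dot: "shell.php.jpg" must not reach disk, because some
    // web server configurations run handlers on non-final extensions.
    $parts = explode('.', $base);
    if (count($parts) !== 2) {
        return null;
    }
    [$name, $ext] = $parts;
    $ext = strtolower($ext);
    if ($name === '' || !in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return null;
    }
    return $name . '.' . $ext;
}

/**
 * Check that the fetched body really is the image type its extension claims.
 */
function contentMatchesExtension(string $body, string $ext): bool
{
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->buffer($body);
    return $mime !== false && in_array($mime, ALLOWED_MIME[$ext] ?? [], true);
}

/**
 * Full decision for an "add file via URL" request: the local name to store
 * under attachments/, or null if the upload must be refused.
 */
function acceptRemoteFile(string $url, string $body): ?string
{
    $name = safeLocalName($url);
    if ($name === null) {
        return null;
    }
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    return contentMatchesExtension($body, $ext) ? $name : null;
}

// Constructed sample inputs: a minimal PNG signature and a PHP text body.
$pngBytes = "\x89PNG\r\n\x1a\n" . str_repeat("\0", 16);
$phpBytes = "<?php echo 1;";

$cases = [
    ['https://cdn.example/logo.png',       $pngBytes], // accepted as logo.png
    ['https://evil.example/shell.php',     $phpBytes], // rejected: extension not allowed
    ['https://evil.example/shell.php.jpg', $pngBytes], // rejected: double extension
    ['https://evil.example/fake.png',      $phpBytes], // rejected: body is not a PNG
];
foreach ($cases as [$url, $body]) {
    $result = acceptRemoteFile($url, $body);
    printf("%-40s => %s\n", $url, $result ?? 'REJECTED');
}
```

The name check and the content check are deliberately independent: an allowlist on the final extension blocks the plain .php case the description gives, the single-dot rule blocks double-extension names, and the MIME sniff catches a script body hiding behind an image name. The page's recommendation to restrict the attachments/ directory is the complementary layer, since a directory that never executes scripts limits the impact even if a bad file does get written.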

Exploit · Fix · RCE


Related Identifiers: CVE-2017-15285

Affected Products: X-Cart