PT-2017-6375 · Netsweeper · Netsweeper

Anastasios Monachos

+1

·

Publicado

2017-09-19

·

Atualizado

2017-09-27

·

CVE-2014-9619

CVSS v2.0

6.5

Média

VetorAV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Netsweeper versions prior to 3.1.10 Netsweeper versions 4.0.x prior to 4.0.9 Netsweeper versions 4.1.x prior to 4.1.2
Description The issue allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code. This can be achieved by uploading a file with a double extension to webadmin/ajaxfilemanager/ajaxfilemanager.php, and then accessing it via a direct request to the file in webadmin/deny/images/. For example, a file named secuid0.php.gif can be used for this purpose.
Recommendations For versions prior to 3.1.10, update to version 3.1.10 or later. For versions 4.0.x prior to 4.0.9, update to version 4.0.9 or later. For versions 4.1.x prior to 4.1.2, update to version 4.1.2 or later.

Exploit

Correção

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-434

Identificadores relacionados

CVE-2014-9619

Produtos afetados

Netsweeper