PT-2018-13420 · Thinkcmf · Thinkcmf

Publicado

2018-08-30

Atualizado

2018-11-06

CVE-2018-16141

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions ThinkCMF version X2.2.3

Description The issue allows for arbitrary file deletion. It is located in the do avatar function within the ProfileController.class.php file. The vulnerability can be exploited via the imgurl parameter by using a .. sequence. This enables a member user to delete any file on a Windows server.

Recommendations For ThinkCMF version X2.2.3, restrict access to the do avatar function in the ProfileController.class.php file to prevent arbitrary file deletion. Avoid using the imgurl parameter with a .. sequence in the affected API endpoint until the issue is resolved.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2018-16141

Produtos afetados

Thinkcmf

PT-2018-13420 · Thinkcmf · Thinkcmf

CVE-2018-16141

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3