CVE-2018-20159

Name of the Vulnerable Software and Affected Versions i-doit open version 1.11.2

Description The issue allows for Remote Code Execution due to the mishandling of ZIP archives. It involves an upload feature that permits an authenticated administrator to upload arbitrary files to the main website directory. Exploitation occurs by uploading a ".php" file within a ".zip" file, which is accepted as a plugin by the /admin/?req=modules&action=add endpoint and then extracted to the main directory. The ".zip" file must also contain a package.json file to be accepted.

Recommendations For i-doit open version 1.11.2, consider disabling the upload feature for administrators or restricting the types of files that can be uploaded to prevent exploitation until a fix is available. Additionally, restrict access to the /admin/?req=modules&action=add endpoint to minimize the risk of uploading malicious ZIP archives.