CVE-2017-3188

Name of the Vulnerable Software and Affected Versions: dotCMS versions 3.7.1 and earlier

Description: The issue concerns the "Push Publishing" feature in Enterprise Pro, where the dotCMS administration panel is vulnerable to path traversal. This occurs when "Bundle" tar.gz archives are uploaded and decompressed, allowing files to be written to arbitrary directories due to improper filename checking. An unauthenticated remote attacker can exploit this to perform actions with the same permissions as a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application.

Recommendations: For dotCMS versions 3.7.1 and earlier, as a temporary workaround, consider disabling the "Push Publishing" feature until a patch is available. Restrict access to the administration panel to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.