PT-2017-12224 · Earcms · Earcms Ear Music

Published

2017-07-30

Updated

2017-08-04

CVE-2017-11756

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Earcms Ear Music versions prior to 4.1 build 20170710

Description The issue allows remote authenticated users to execute arbitrary PHP code. This can be achieved by modifying the allowable music-upload extensions in admin.php?iframe=config upload to include .php, in addition to .mp3 and .m4a, and then uploading the code using user.php/music/add/.

Recommendations For Earcms Ear Music versions prior to 4.1 build 20170710, as a temporary workaround, consider restricting access to the admin.php?iframe=config upload endpoint and the user.php/music/add/ endpoint to prevent arbitrary PHP code execution until a patch is available. Avoid using the music upload feature with .php extensions in the affected versions.

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2017-11756

Affected Products

Earcms Ear Music

PT-2017-12224 · Earcms · Earcms Ear Music

CVE-2017-11756

Weakness Enumeration

Related Identifiers

Affected Products

References · 3