PT-2018-11471 · Publiccms · Publiccms

Fupinglee

Published

2018-06-27

Updated

2018-08-20

CVE-2018-12914

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions PublicCMS version 4.0.20180210

Description A remote code execution issue was found, allowing an attacker to upload a ZIP archive containing a .jsp file with a directory traversal pathname. After the unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.

Recommendations For PublicCMS version 4.0.20180210, consider restricting the upload of ZIP archives or limiting the execution of .jsp files to prevent arbitrary code execution until a patch is available. As a temporary workaround, restrict access to directories where .jsp files can be executed to minimize the risk of exploitation.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2018-12914

Affected Products

Publiccms

PT-2018-11471 · Publiccms · Publiccms

CVE-2018-12914

Weakness Enumeration

Related Identifiers

Affected Products

References · 3