CVE-2018-18830

Name of the Vulnerable Software and Affected Versions MCMS version 4.6.5

Description An issue was discovered in the FileAction.java file, where the upload interface does not verify the user login status, allowing files to be uploaded without setting a cookie. This can be exploited by uploading JSP code with a .png filename, intercepting the data packet, and changing the suffix to jsp in the name parameter. The server then returns the storage path of the file, which can be accessed to execute arbitrary JSP code.

Recommendations For MCMS version 4.6.5, as a temporary workaround, consider restricting access to the upload interface until a patch is available. Additionally, restrict access to the FileAction.java file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.