PT-2018-4898 · Projectsend · Projectsend

Published: 2018-10-28 · Updated: 2018-12-06 · CVE-2016-10732

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ProjectSend (formerly cFTP) version r582

Description: ProjectSend r582 does not enforce authentication on several of its administrative pages, so an unauthenticated client can use them with a direct request. The bypass is reached by requesting "users.php", "home.php", "edit-file.php?file_id=1", or "process-zip-download.php" directly, or by sending a request to "users-add.php" that carries "add_user_form_*" parameters. The vector above (PR:N, C:H/I:H/A:H) reflects that no credentials are needed and that the reachable pages manage users and files.

Recommendations: For ProjectSend (formerly cFTP) version r582, as a temporary workaround, restrict direct access to the files "users.php", "home.php", "edit-file.php", and "process-zip-download.php" until a patch is available, for example at the web server with an allow-list of administrator source addresses or an additional authentication layer in front of the application. Additionally, reject requests to "users-add.php" that carry "add_user_form_*" parameters unless they come from an authenticated administrator session. Blocking these files outright also locks out legitimate administrators, so a front-end authentication layer or address allow-list is the more practical interim control. After applying the workaround, verify that an unauthenticated request to each listed file is refused (redirect to login, 401 or 403) rather than served.
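The following is an added example, not code from ProjectSend or from this advisory. It probes the four GET-reachable files named above with an unauthenticated request and reports which of them are still served to an anonymous client, which is the check a practitioner would run before and after applying the workaround. The base URL, the assumption that a protected page answers with a redirect to the login page or a 401/403, and the "exposed" classification for a 200 are all assumptions of this example. The "users-add.php" case is not probed because the exact "add_user_form_*" parameter names are not given on this page.

```python
"""Added example (not ProjectSend or advisory code): verify that the
endpoints named in the advisory refuse unauthenticated direct requests.

Assumptions: the ProjectSend install lives under BASE_URL; a properly
protected page answers an anonymous GET with a redirect to the login page
(3xx) or a 401/403; a 200 means the page was served and is counted as
exposed. No cookies or credentials are sent by the probe.
"""
import sys
import urllib.error
import urllib.request

# Paths quoted in the advisory; "file_id=1" is the id used there.
PROBES = [
    "users.php",
    "home.php",
    "edit-file.php?file_id=1",
    "process-zip-download.php",
]


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow 3xx responses, so a redirect to the login page
    is observed as the result instead of being silently followed."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def http_fetch(url, timeout=10):
    """Anonymous GET; returns (status, body). urllib raises HTTPError for
    every non-2xx status (including the 3xx we refuse to follow), so the
    status is taken from the exception in that case."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.getcode(), resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def classify(status, body):
    """'protected' when the app turned the anonymous client away,
    'exposed' when it served the page, 'unexpected' otherwise."""
    if 300 <= status < 400 or status in (401, 403):
        return "protected"
    if status == 200:
        return "exposed"
    return "unexpected"


def probe(base_url, fetch=http_fetch):
    """Map each advisory path to its classification. `fetch` is injectable
    so the logic can be exercised offline against canned responses."""
    base = base_url.rstrip("/") + "/"
    return {path: classify(*fetch(base + path)) for path in PROBES}


if __name__ == "__main__":
    # Usage: python probe_projectsend.py https://files.example.com/projectsend
    target = sys.argv[1] if len(sys.argv) > 1 else "http://localhost/projectsend"
    for path, verdict in probe(target).items():
        print(f"{verdict:10s} {path}")
```

Run it against the installation before and after the workaround; every line should read "protected" afterwards. Because the probe never sends a session cookie, an "exposed" result is a direct confirmation that the page is reachable without authentication.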

Weakness Enumeration

Improper Authentication

Related Identifiers

CVE-2016-10732

Affected Products

Projectsend