PT-2018-5627 · Onethink+1 · Onethink+1

Bo Wang

Published

2018-04-10

Updated

2018-05-17

CVE-2017-14323

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Onethink versions V1.0 through V1.1

Description: The issue allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution. This is achieved through a Server Side Request Forgery (SSRF) in the getRemoteImage.php file in Ueditor, utilizing the upfile parameter.

Recommendations: For Onethink versions V1.0 through V1.1, consider restricting access to the getRemoteImage.php file or disabling the upfile parameter to minimize the risk of exploitation.

Exploit

Fix

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2017-14323

Affected Products

Onethink

Ueditor

PT-2018-5627 · Onethink+1 · Onethink+1

CVE-2017-14323

Weakness Enumeration

Related Identifiers

Affected Products

References · 3