CVE-2019-15766

Name of the Vulnerable Software and Affected Versions KSLABS KSWEB (aka ru.kslabs.ksweb) version 3.93

Description The issue allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to, and the config text parameter set to the content of the file to be created. This can result in a PHP file being written to the public web directory and subsequently executed. The attacker must have network connectivity to the PHP server running on the Android device.

Recommendations For KSLABS KSWEB version 3.93, as a temporary workaround, consider restricting access to the AJAX handler and limiting the ability to set the configFile and config text parameters to prevent arbitrary file creation. Additionally, restrict execution of PHP files in the public web directory to minimize the risk of exploitation.