PT-2019-9977 · Gurock · Gurock Testrail

Published: 2019-02-25 · Updated: 2019-10-17 · CVE-2018-20063

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Gurock TestRail version 5.6.0.3853

Description: An issue exists in the image-upload form, available in the description editor, allowing remote authenticated users to execute arbitrary code by uploading an image file with an executable extension but a safe Content-Type value, and then accessing it via a direct request to the file in the file-upload directory.

Recommendations: For Gurock TestRail version 5.6.0.3853, consider restricting access to the image-upload form in the description editor to minimize the risk of exploitation. As a temporary workaround, restrict access to the file-upload directory according to the server configuration to prevent direct requests to uploaded files.
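The weakness described above is a decision made on the client-supplied Content-Type rather than on the file's extension and contents. The following is an added example (not TestRail's code, and not from the advisory) showing that check beside a hardened validator; the allowlisted extensions, magic numbers and sample filenames are this example's own assumptions.

```python
import os
import secrets

# Assumption: this allowlist is the example's own choice of image types and
# their magic numbers; it is not taken from the advisory or from TestRail.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}


def weak_check(content_type):
    """The pattern the advisory describes: trusting the client-declared
    Content-Type alone. Any filename passes as long as the header says
    image/*, so an executable extension is never examined."""
    return content_type.startswith("image/")


def validate_upload(filename, content_type, data):
    """Return (accepted, reason). The Content-Type header is ignored for the
    decision: the final extension must be allowlisted (so 'x.png.php' fails
    on '.php') and the bytes must start with that type's magic number."""
    ext = os.path.splitext(filename)[1].lower()
    if ext not in ALLOWED:
        return False, "extension not allowlisted"
    if not any(data.startswith(magic) for magic in ALLOWED[ext]):
        return False, "content does not match extension"
    return True, "ok"


def storage_name(filename):
    """Server-chosen name for the stored file: random stem plus the validated
    extension, so the on-disk path never comes from the client's filename."""
    return secrets.token_hex(16) + os.path.splitext(filename)[1].lower()
```

Validation at upload time complements, and does not replace, the recommendation above: the file-upload directory should still be served as static content with script execution disabled.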

Unrestricted File Upload

Weakness Enumeration

Related Identifiers: CVE-2018-20063

Affected Products: Gurock Testrail