PT-2020-18552 · Six Apart+1 · Movable Type Premium Advanced+5
Yuji Tounai · Published 2020-05-14 · Updated 2020-05-15 · CVE-2020-5577
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Movable Type series versions 7.2.1 and earlier
Movable Type Advanced series versions 7.2.1 and earlier
Movable Type for AWS series versions 7.2.1 and earlier
Movable Type 6.5 series versions 6.5.3 and earlier
Movable Type Advanced 6.5 series versions 6.5.3 and earlier
Movable Type 6.3 series versions 6.3.11 and earlier
Movable Type Advanced 6.3 series versions 6.3.11 and earlier
Movable Type Premium version 1.29 and earlier
Movable Type Premium Advanced version 1.29 and earlier
Description
The issue allows remote authenticated attackers to upload arbitrary files and execute a PHP script via unspecified vectors.
Recommendations
For Movable Type series versions 7.2.1 and earlier, update to a version later than 7.2.1.
For Movable Type Advanced series versions 7.2.1 and earlier, update to a version later than 7.2.1.
For Movable Type for AWS series versions 7.2.1 and earlier, update to a version later than 7.2.1.
For Movable Type 6.5 series versions 6.5.3 and earlier, update to a version later than 6.5.3.
For Movable Type Advanced 6.5 series versions 6.5.3 and earlier, update to a version later than 6.5.3.
For Movable Type 6.3 series versions 6.3.11 and earlier, update to a version later than 6.3.11.
For Movable Type Advanced 6.3 series versions 6.3.11 and earlier, update to a version later than 6.3.11.
For Movable Type Premium version 1.29 and earlier, update to a version later than 1.29.
For Movable Type Premium Advanced version 1.29 and earlier, update to a version later than 1.29.
Fix
Unrestricted File Upload
Weakness Enumeration
Related Identifiers
Affected Products
Movable Type
Movable Type Advanced
Movable Type Premium
Movable Type Premium Advanced
Movable Type for AWS
PHP