PT-2020-18754 · Ahsay · Ahsay Cloud Backup Suite

Published: 2020-01-06 · Updated: 2020-01-17 · CVE-2020-5846

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Ahsay Cloud Backup Suite version 8.3.0.30
Description: An issue was discovered in Ahsay Cloud Backup Suite that allows insecure file upload and code execution. It is reached via a "PUT /obs/obm7/file/upload" request in which the X-RSW-custom-encode-path HTTP header carries a base64-encoded pathname and the HTTP request body carries the file content. This allows a file to be written into any directory on the server, including the web server's directory, where an uploaded JSP shell would then be executed. Starting from any authenticated session, this yields full system access as the user the service is configured to run as.
Recommendations: For Ahsay Cloud Backup Suite version 8.3.0.30, update to the 83/830122/cbs-*-hotfix-task26000 builds to resolve the issue. Until the update is applied, as a temporary workaround, restrict access to the "PUT /obs/obm7/file/upload" endpoint and limit the ability to upload files to sensitive directories.
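An added example of the containment check this endpoint lacks, written in Python for this advisory and not taken from Ahsay's code: it decodes a header value of the kind described above and refuses anything that would leave the configured upload directory or would plant a server-executable file. The upload root, the suffix list and the helper names are assumptions.

```python
import base64
import binascii
from pathlib import Path, PurePosixPath
from typing import Tuple

# Constructed values for this example: the directory the upload endpoint is meant
# to write under, and file types a backup server should never be handed.
UPLOAD_ROOT = Path("/srv/obs/uploads")
EXECUTABLE_SUFFIXES = {".jsp", ".jspx", ".war", ".jar"}  # assumption, not Ahsay's list


class UploadPathError(ValueError):
    """The encoded header does not resolve to a safe location under the upload root."""


def encode_path(raw: str) -> str:
    """Build a header value the way a client would (base64 of the pathname)."""
    return base64.b64encode(raw.encode("utf-8")).decode("ascii")


def resolve_upload_path(encoded_header: str, upload_root: Path = UPLOAD_ROOT) -> Path:
    """Decode an X-RSW-custom-encode-path value and confine it to upload_root.

    Returns the absolute destination path or raises UploadPathError. Checks run on
    the decoded string before any filesystem access, then again on the resolved
    path so that symlinked parent directories cannot re-route the write.
    """
    try:
        raw = base64.b64decode(encoded_header, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError, ValueError) as exc:
        raise UploadPathError(f"header is not valid base64/UTF-8: {exc}") from exc
    if not raw.strip() or "\x00" in raw:
        raise UploadPathError("empty pathname or embedded NUL byte")
    rel = PurePosixPath(raw.replace("\\", "/"))  # treat backslashes as separators too
    if rel.is_absolute() or ".." in rel.parts:
        raise UploadPathError(f"pathname is absolute or contains '..': {raw!r}")
    if rel.suffix.lower() in EXECUTABLE_SUFFIXES:
        raise UploadPathError(f"server-executable file type refused: {rel.suffix}")
    root = upload_root.resolve()
    dest = (root / rel).resolve()
    if root not in dest.parents:  # final containment check on the resolved path
        raise UploadPathError(f"resolved path leaves upload root: {dest}")
    return dest


def validate_upload_header(encoded_header: str) -> Tuple[bool, str]:
    """Convenience wrapper: (True, destination) or (False, rejection reason)."""
    try:
        return True, str(resolve_upload_path(encoded_header))
    except UploadPathError as exc:
        return False, str(exc)
```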

Weakness Enumeration

Unrestricted File Upload

Related Identifiers

CVE-2020-5846

Affected Products

Ahsay Cloud Backup Suite