PT-2021-17712 · Servicetonic · Servicetonic Helpdesk
Published
2021-11-08
·
Updated
2021-11-09
·
CVE-2021-28023
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
ServiceTonic Helpdesk software version < 9.0.35937
Description:
The issue allows a malicious user to execute JSP code by uploading a zip file that extracts files in relative paths, leveraging the arbitrary file upload in the Service import feature.
Recommendations:
For versions prior to 9.0.35937, consider disabling the Service import feature until a patch is available to prevent exploitation. Restrict access to the import functionality to minimize the risk of arbitrary file uploads. Avoid using the Service import feature with untrusted or unknown zip files until the issue is resolved.
Exploit
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Servicetonic Helpdesk