PT-2021-23694 · Suitecrm · Suitecrm

M. Cory Billington

Published

2021-10-22

Updated

2024-03-06

CVE-2021-42840

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SuiteCRM versions prior to 7.11.19

Description The issue allows remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, the logger file name can refer to an attacker-controlled PHP file under the web root, because only the all-lowercase PHP file extensions were blocked.

Recommendations For versions prior to 7.11.19, update to version 7.11.19 or later to resolve the issue. As a temporary workaround, consider restricting access to the system settings Log File Name setting to minimize the risk of exploitation. Avoid using the logger file name setting in a way that could allow an attacker to control the PHP file under the web root until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

BIT-SUITECRM-2021-42840

CVE-2021-42840

Affected Products

Suitecrm

PT-2021-23694 · Suitecrm · Suitecrm

CVE-2021-42840

Weakness Enumeration

Related Identifiers

Affected Products

References · 12