PT-2021-3363 · Admidio · Admidio
Fasse · Published 2021-01-23 · Updated 2021-05-27
CVE-2021-32630
CVSS v3.1: 9.6 (Critical)
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Admidio versions prior to 4.0.4
Description
Admidio versions prior to 4.0.4 are affected by an authenticated remote code execution (RCE) vulnerability via .phar file upload. An attacker with upload permissions can rename a PHP web shell to a .phar extension, upload it through the Documents & Files feature, and trigger the payload (for example a reverse or bind shell) by visiting the uploaded file. The vulnerability can be mitigated by excluding the .phar file extension from the set of extensions that may be uploaded.
Recommendations
For versions prior to 4.0.4, update to version 4.0.4 to resolve the issue.
As a temporary workaround, consider excluding .phar file extensions from being uploaded to prevent exploitation.
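The following is an added illustration, not Admidio's own code: a blocklist-style extension check of the kind the advisory describes (which lets .phar through) beside an allowlist check that rejects it, using constructed file names.

```php
<?php
// Added example, not Admidio's code. Compares a weak extension blocklist
// (the class of check that misses .phar) with an allowlist of document types.
declare(strict_types=1);

// Weak: a blocklist only stops the extensions someone thought of.
// .phar is absent, so "shell.phar" is accepted even though common PHP
// handler configurations execute .phar files exactly like .php.
function weakBlocklistCheck(string $filename): bool
{
    $blocked = ['php', 'php3', 'php4', 'php5', 'phtml'];
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, $blocked, true);
}

// Hardened: every dotted segment after the base name must be on the
// allowlist, so both "shell.phar" and "report.phar.pdf" are rejected.
function allowlistCheck(string $filename): bool
{
    $allowed = ['pdf', 'png', 'jpg', 'jpeg', 'gif', 'txt', 'docx', 'xlsx', 'zip'];
    $parts = explode('.', basename($filename));
    if (count($parts) < 2 || $parts[0] === '') {
        return false; // no extension at all, or a dotfile
    }
    array_shift($parts); // drop the base name, keep every extension segment
    foreach ($parts as $segment) {
        if (!in_array(strtolower($segment), $allowed, true)) {
            return false;
        }
    }
    return true;
}

// Constructed sample names for illustration.
$samples = ['minutes.pdf', 'shell.phar', 'report.phar.pdf', 'photo.JPG'];
foreach ($samples as $name) {
    printf("%-16s blocklist:%-7s allowlist:%s\n", $name,
        weakBlocklistCheck($name) ? 'accept' : 'reject',
        allowlistCheck($name) ? 'accept' : 'reject');
}
```

Extension checks are only one layer: uploads should also be stored outside the web root, or in a directory where the web server is configured not to execute scripts.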
Links: Exploit · Fix
Weakness Enumeration: Unrestricted File Upload
Related Identifiers: CVE-2021-32630
Affected Products: Admidio