CVE-2022-24688

Name of the Vulnerable Software and Affected Versions DSK DSKNet versions 2.16.136.0 through 2.17.136.5

Description An issue allows unrestricted file upload, leading to Remote Code Execution, via PDF upload with PHP content and a .php extension in the Touch settings. The attacker must have privileged user access to the Parameters page to exploit this issue, which can be achieved by exploiting Broken Access Control with further Brute-force attack or SQL Injection. The uploaded file is stored within the database and copied to the sync web folder if the attacker visits a certain '.php?action=' page.

Recommendations For versions 2.16.136.0 through 2.17.136.5, consider disabling the file upload feature in the Touch settings until a patch is available. Restrict access to the Parameters page to minimize the risk of exploitation. Avoid using the '.php?action=' page in the sync web folder until the issue is resolved.