PT-2022-23279 · Taocms · Taocms

Published

2022-08-23

Updated

2022-08-25

CVE-2022-36261

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions taocms version 3.0.2

Description An arbitrary file deletion issue was found, allowing an attacker to delete files on the server by requesting a specific URL. The issue can be exploited through the admin.php endpoint with parameters such as action, ctrl, and path. For example, an attacker could use the path parameter to specify a file location like /../../../test.txt for deletion.

Recommendations For taocms version 3.0.2, consider restricting access to the admin.php endpoint or disabling the file deletion functionality until a fix is available. Avoid using the path parameter in the affected endpoint to minimize the risk of exploitation.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2022-36261

Affected Products

Taocms

PT-2022-23279 · Taocms · Taocms

CVE-2022-36261

Weakness Enumeration

Related Identifiers

Affected Products

References · 5