CVE-2023-33480

Name of the Vulnerable Software and Affected Versions RemoteClinic version 2.0

Description The issue is caused by a lack of input validation and access control in the "staff/register.php" endpoint and the "edit-my-profile.php" page. This allows a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. By sending specially crafted requests to the RemoteClinic application, an attacker can upload a PHP file containing arbitrary code and execute arbitrary commands.

Recommendations For RemoteClinic version 2.0, consider disabling access to the "staff/register.php" endpoint and the "edit-my-profile.php" page until a patch is available. Restrict the ability to upload PHP files to prevent arbitrary code execution. As a temporary workaround, limit the privileges of low-privileged user credentials to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.