PT-2023-6508 · Eclipse+1 · Eclipse Rap+1

Melazrak · Published 2023-09-21 · Updated 2023-09-26 · CVE-2023-4760

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Eclipse RAP versions 3.0.0 through 3.25.0

Description

The issue stems from incomplete, insecure extraction of the file name in the FileUploadProcessor.stripFileName(String name) method. This allows Remote Code Execution on Windows when the FileUpload component is used. For example, a file name such as /..\..\webapps\shell.war can be used to upload a file to a Tomcat server under Windows, which is then saved as ..\..\webapps\shell.war in its webapps directory and can then be executed.

Recommendations

For Eclipse RAP versions 3.0.0 through 3.25.0, consider disabling the FileUploadProcessor.stripFileName(String name) method or restricting the use of the FileUpload component until a patch is available. As a temporary workaround, avoid using the FileUpload component on Windows systems to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
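An added example, not Eclipse RAP code: a Python model of the behaviour the description gives (the leading forward slash is stripped while backslashes survive) beside a hardened strip and a containment check, using ntpath so Windows path resolution can be checked on any OS. The function names and the C:\tomcat\temp\uploads directory are assumptions made for the illustration.

```python
import ntpath  # Windows path rules, usable on any OS

UPLOAD_DIR = r"C:\tomcat\temp\uploads"       # constructed upload directory (assumption)
ADVISORY_NAME = r"/..\..\webapps\shell.war"  # file name form quoted in the description


def strip_one_style(name: str) -> str:
    """Model of the flaw: once a '/' is found, backslashes are never examined."""
    slash = name.rfind("/")
    if slash != -1:
        return name[slash + 1:]
    return name[name.rfind("\\") + 1:]


def strip_both_styles(name: str) -> str:
    """Hardened strip: cut after the last separator of either style, then validate."""
    base = name[max(name.rfind("/"), name.rfind("\\")) + 1:]
    if base in ("", ".", "..") or ":" in base or "\x00" in base:
        raise ValueError(f"rejected upload name: {name!r}")
    return base


def resolve_in(upload_dir: str, name: str) -> str:
    """Resolve name the way Windows would and refuse targets outside upload_dir."""
    root = ntpath.normpath(upload_dir)
    target = ntpath.normpath(ntpath.join(root, name))
    if ntpath.commonpath([root, target]) != root:
        raise ValueError(f"{name!r} resolves outside {root}: {target}")
    return target


def report(name: str) -> dict:
    """Compare where each strip would place the same client-supplied name."""
    weak = strip_one_style(name)
    out = {"weak_name": weak,
           "weak_target": ntpath.normpath(ntpath.join(UPLOAD_DIR, weak))}
    try:
        resolve_in(UPLOAD_DIR, weak)
        out["weak_contained"] = True
    except ValueError:
        out["weak_contained"] = False
    out["safe_target"] = resolve_in(UPLOAD_DIR, strip_both_styles(name))
    return out


if __name__ == "__main__":
    print(report(ADVISORY_NAME))
```

The containment check in resolve_in is independent of the strip, so it still rejects the name if a future change to the stripping logic misses a separator style.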

Exploit

Path traversal

Relative Path Traversal

Weakness Enumeration

Related Identifiers

BDU:2023-07255
CVE-2023-4760

Affected Products

Eclipse Rap
Apache Tomcat