PT-2023-6694 · Bitrix · Bitrix24

Lam Jun Rong

Published 2023-11-01 · Updated 2026-01-12 · CVE-2023-1713

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Bitrix24 versions prior to 22.0.300

Description
CVE-2023-1713 is an insecure temporary file creation weakness in the Instagram order-import component of Bitrix24 CRM, bitrix/modules/crm/lib/order/import/instagram.php. A remote attacker holding an authenticated account (the CVSS vector requires single authentication, Au:S) can upload a specially crafted ".htaccess" file into a temporary directory under /upload/tmp/. Because .htaccess is a per-directory Apache configuration file, a web server that honours it in that location lets the attacker change how files there are served and handled, which is the route to arbitrary code execution. Turning an ordinary account into code execution on the server makes the issue a privilege escalation. No information is available regarding the number of potentially affected installations worldwide or any real-world incidents in which this issue has been exploited.

Recommendations
Disable or remove unused user accounts, since the attack requires an authenticated account. Minimize user privileges. Utilize web application firewall (WAF) tools. Monitor web server access logs for requests to '/upload/tmp/xxx/.htaccess' (where xxx is a 3-character alphanumeric string) and for any HTTP request to '/upload/tmp/'; legitimate clients have no reason to request a .htaccess file, so any such hit deserves investigation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
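The log-monitoring recommendation above, worked as an added example that is not code from the advisory or from Bitrix: a small Python scanner over Apache/nginx "combined" access-log lines. It flags any request under /upload/tmp/ and raises severity for a .htaccess at any depth (slightly more general than the 3-character directory form the advisory names, which is reported as a separate flag), normalizing the request path first so that a query string, percent-encoded characters or doubled slashes do not slip past the match. The log lines, addresses and directory names are constructed for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Apache/nginx "combined" format.
# Made up for this example; not captured traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [01/Nov/2023:10:01:02 +0000] "GET /bitrix/admin/ HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.10 - - [01/Nov/2023:10:01:07 +0000] "PUT /upload/tmp/a1b/.htaccess HTTP/1.1" 201 0 "-" "curl/8.1.2"
203.0.113.10 - - [01/Nov/2023:10:01:09 +0000] "GET /upload/tmp/a1b/shell.txt HTTP/1.1" 200 17 "-" "curl/8.1.2"
198.51.100.7 - - [01/Nov/2023:10:02:00 +0000] "GET /upload/iblock/3e2/photo.jpg HTTP/1.1" 200 40211 "-" "Mozilla/5.0"
198.51.100.7 - - [01/Nov/2023:10:02:30 +0000] "GET /upload/tmp/ HTTP/1.1" 403 199 "-" "Mozilla/5.0"
"""

# One "combined" line: client, identity, user, [timestamp], "METHOD target proto", status, ...
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: [^"]*)?" (?P<status>\d{3})'
)

UPLOAD_TMP = "/upload/tmp/"
# The exact shape named in the advisory: /upload/tmp/xxx/.htaccess, xxx = 3 alphanumerics.
ADVISORY_RE = re.compile(r"^/upload/tmp/[A-Za-z0-9]{3}/\.htaccess$")


def normalize_path(target: str) -> str:
    """Drop the query string, percent-decode, and collapse repeated slashes so
    '/upload//tmp/a1b/%2Ehtaccess?x=1' is judged like the plain path."""
    path = target.split("?", 1)[0]
    path = unquote(path)
    return re.sub(r"/+", "/", path)


def classify(target: str):
    """'high' for a .htaccess anywhere under /upload/tmp/, 'medium' for any other
    request under /upload/tmp/, None for everything else."""
    path = normalize_path(target)
    if not (path == "/upload/tmp" or path.startswith(UPLOAD_TMP)):
        return None
    if path.rsplit("/", 1)[-1] == ".htaccess":
        return "high"
    return "medium"


def parse_line(line: str):
    """Return the named fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def scan(lines):
    """Return one finding per suspicious request, in log order."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        rec = parse_line(line)
        if rec is None:
            continue
        severity = classify(rec["target"])
        if severity is None:
            continue
        path = normalize_path(rec["target"])
        findings.append({
            "line": lineno,
            "severity": severity,
            "client": rec["client"],
            "method": rec["method"],
            "path": path,
            "status": int(rec["status"]),
            # True only for the precise /upload/tmp/xxx/.htaccess form from the advisory.
            "advisory_pattern": bool(ADVISORY_RE.match(path)),
        })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG.splitlines()):
        print(f"{f['severity']:6} line {f['line']}: {f['client']} {f['method']} {f['path']} -> {f['status']}")
```

The status code is kept on each finding deliberately: a 403 on /upload/tmp/ is reconnaissance, while a 2xx on a .htaccess write or on a fresh file in the same directory immediately afterwards is the sequence the advisory describes. Feed the scanner your real access log instead of SAMPLE_LOG; a 3-character directory that appears nowhere else in the log is the thing to pivot on.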

Exploit

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

BDU:2023-07464
CVE-2023-1713

Affected Products

Bitrix
Bitrix24