PT-2024-28963 · Fog · Fog

C3R3Br4T3 · Published 2024-07-31 · Updated 2024-09-05 · CVE-2024-40645

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

FOG versions prior to 1.5.10.41

Description

The issue is related to an improperly restricted file upload feature in FOG, a cloning/imaging/rescue suite/inventory management system. This allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has specific checks on the client banner image, requiring it to be 650 pixels wide and 120 pixels high, but lacks checks on file extensions. This can be exploited by appending a PHP webshell to the end of an image and changing the extension to something the PHP web server can parse.

Recommendations

For versions prior to 1.5.10.41, update to version 1.5.10.41 to resolve the issue. As a temporary workaround, consider restricting access to the file upload feature in the Rebranding module to minimize the risk of exploitation. Avoid using the file upload feature with untrusted users until the issue is resolved.
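
The Description explains why a dimension check alone is insufficient: image dimensions are read from the file header, so bytes appended after the image data and a changed extension both pass. The following is an added example, not FOG's code or its patch, of an upload check that also enforces an extension allowlist and rejects any data after the PNG `IEND` chunk. The PNG-only allowlist, the function names and the sample image are assumptions constructed for illustration.

```python
import os
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
ALLOWED_EXT = {".png"}        # assumption: the banner is only ever stored as PNG
REQUIRED_SIZE = (650, 120)    # width x height the advisory says the feature checks

def _chunk(ctype, body):
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)

def make_banner(width=650, height=120):
    """Constructed sample: a minimal valid 8-bit grayscale PNG."""
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 0, 0, 0, 0)
    rows = (b"\x00" + b"\x00" * width) * height
    return (PNG_SIG + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(rows)) + _chunk(b"IEND", b""))

def inspect_upload(filename, data):
    """Return a list of reasons to reject the upload (empty list = accept)."""
    findings = []
    if os.path.splitext(filename)[1].lower() not in ALLOWED_EXT:
        findings.append("extension-not-allowed")
    if not data.startswith(PNG_SIG):
        return findings + ["not-a-png"]
    pos, size, ended = len(PNG_SIG), None, False
    while pos + 12 <= len(data):              # 12 = length + type + CRC
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):                   # chunk claims more than the file holds
            break
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if crc != zlib.crc32(ctype + body) & 0xFFFFFFFF:
            findings.append("bad-crc")
            break
        if ctype == b"IHDR" and length >= 8:
            size = struct.unpack(">II", body[:8])
        pos = end
        if ctype == b"IEND":                  # last chunk of a well-formed PNG
            ended = True
            break
    if not ended:
        findings.append("malformed-png")
    elif pos < len(data):                     # bytes after IEND: header checks never see these
        findings.append("trailing-data-after-IEND")
    if size != REQUIRED_SIZE:
        findings.append("wrong-dimensions")
    return findings
```

Re-encoding an accepted image and storing it under a server-chosen name in a location the web server does not execute goes further than this check.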

Exploit

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2024-40645
GHSA-59MQ-Q8G5-2F4F

Affected Products

Fog