PT-2025-50764 · Xbtitfm · Xbtitfm

Xbtitfm Team · Published 2025-12-11 · Updated 2025-12-12 · CVE-2024-58313

CVSS v4.0: 8.6 (High)
Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: xbtitFM version 4.1.18

Description: The software contains an insecure file upload issue in its file hosting feature. An authenticated attacker with administrative privileges can upload and execute arbitrary PHP code through that feature. The file type restriction can be bypassed by setting the Content-Type header to image/gif and prefixing the file with the GIF89a magic bytes, which allows a web shell to be uploaded; the web shell can then execute system commands using alternate PHP tags.

Recommendations: Apply a fix that restricts file uploads to authorized file types. Implement stricter validation of uploaded files, including checking file content and magic bytes. Note that the bypass described above already supplies the GIF89a magic bytes, so a magic-byte check alone does not close the issue; the file content must also be inspected for PHP code. Disable or remove the file hosting feature if it is not essential.
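As an added example (not xbtitFM's own code; the allowlist and the sample uploads are constructed), the following Python contrasts the weak check the advisory describes with a validator that ignores Content-Type, ties the magic bytes to an allowlisted extension, and scans the content for PHP open tags, including the alternate forms. Python is used so the logic runs stand-alone; the same checks translate directly to PHP.

```python
import re
import secrets

# Allowlisted extensions and the magic-byte prefixes each must start with.
# Constructed allowlist for this example; a real file-hosting feature would
# tune it to the types it actually needs to serve.
ALLOWED_TYPES = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
}

# PHP open tags, including the alternate forms the advisory refers to:
# short tags "<?", ASP-style "<%" and "<script language=php>". The patterns
# are kept narrow so that random bytes inside a real image rarely match.
PHP_TAG_RE = re.compile(
    rb"<\?(?:php\b|=|\s)|<%(?:=|\s)|<script\b[^>]*\blanguage\s*=\s*['\"]?php",
    re.IGNORECASE,
)

# Constructed sample uploads (not artefacts from the advisory): a bare GIF
# header padded with zeros, and the same header followed by a PHP open tag.
CLEAN_GIF = b"GIF89a" + bytes(16)
SMUGGLED_UPLOAD = b"GIF89a" + b"<?php echo 'marker'; ?>"


def naive_check(content_type: str, data: bytes) -> bool:
    """The weak check the advisory describes: it trusts the client-supplied
    Content-Type header and only looks at the leading magic bytes."""
    return content_type == "image/gif" and data.startswith(b"GIF89a")


def hardened_check(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason). Content-Type is ignored on purpose: the
    client chooses that header, so it proves nothing about the file."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in ALLOWED_TYPES:
        return False, "extension not allowlisted"
    if not any(data.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        return False, "magic bytes do not match extension"
    if PHP_TAG_RE.search(data):
        return False, "embedded PHP open tag"
    return True, "ok"


def safe_storage_name(ext: str) -> str:
    """Never reuse the client's filename: a random name with the validated
    extension defeats path tricks and double extensions such as x.php.gif."""
    return f"{secrets.token_hex(16)}.{ext}"
```

Even with these checks in place, the upload directory should be served without PHP execution, so that a file that slips through cannot run as code.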

Weakness Enumeration: Unrestricted File Upload

Related Identifiers: CVE-2024-58313

Affected Products: Xbtitfm