CVE-2019-8362

Published: Feb 16, 2019Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content).

Affected (4)

Products: Dedecms: Dedecms

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Dedecms Dedecms	Before 5.7
Dedecms Dedecms	Version 5.7
Dedecms Dedecms	Version 5.7 sp1
Dedecms Dedecms	Version 5.7 sp2

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

http://tusk1.cn/2019/02/16/dedecms%20v5.7%20sp2%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E/

Source: cve@mitre.org

ExploitThird Party Advisory

http://tusk1.cn/2019/02/16/dedecms%20v5.7%20sp2%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.