CVE-2020-25790

Published: Sep 19, 2020Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2

Affected (1)

Products: Typesettercms: Typesetter

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Typesettercms Typesetter	From 5.0 to 5.1

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (8)

http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2020/Oct/11

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://github.com/Typesetter/Typesetter/issues/674

Source: cve@mitre.org

Third Party Advisory

http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2020/Oct/11

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://github.com/Typesetter/Typesetter/issues/674

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.