Headline
CVE-2021-42171: Upload file to RCE in Zenario CMS 9.0.54156 · Issue #2 · hieuminhnv/Zenario-CMS-9.0-last-version
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.
Summary
hi team,
I found high Upload file to RCE.
Info
Zenario CMS 9.0.54156 last version
FireFox 92.0.1 (64-bit)
Steps
Login to account http://xxx.xxx.x.x/admin.php?cID=1&cType=html
Choose Documents >> Upload documents
Use burpsuite and capture request file a.html
Click Edit document metadata >> use burpsuite to capture >> save
In value current_value, edit value html to php
Click Actions >> view public link
7.Copy link to URL >> BOOM
Inpact :
An attacker could upload a dangerous executable file like a virus, malware, etc…
The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.