Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-33404: GitHub - hacip/CVE-2023-33404

An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code.

CVE
Open in Source
#vulnerability#git#rce

CVE-2023-33404

A user who has EditOwnPosts right on BlogEngine.NET CMS (version 3.3.8.0 and earlier) has the ability to upload a malicious file to a hard-coded location.

POST request to /api/upload endpoint with “action=video” parameters, as shown in the screenshot below, triggers a file upload process.

The application, first, checks if the user has EditOwnPosts rights to proceed with the video upload, otherwise, the application rise an error.

As depicted in the screenshot below, on lines 101 and 105, the application sets a hard-coded location for files being uploaded. After that, it calls a function named UploadVideo (on line 107)

The UploadVideo function. checks if the target directory exists, creates it if it does not, and saves the file to the directory.

As depicted in the screenshot below, it moves the malicious file to the hardcoded directory. Requesting the file that was uploaded leads RCE.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE