QwikSec

Security Database

CVE

CWE

Training

CVE-2020-27386

Published: Nov 12, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor (in v1.5.8 and prior) or the FileManager's rename function (in v1.5.7 and prior) to rename the file to an executable extension (e.g., ASP), and finally executing the file via an HTTP GET request to /<path_to_file>.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/MacdonaldRobinson/FlexDotnetCMS/releases/tag/v1.5.9

x_refsource_MISC

https://blog.vonahi.io/whats-in-a-re-name/

x_refsource_MISC

https://github.com/rapid7/metasploit-framework/pull/14339

x_refsource_MISC

http://packetstormsecurity.com/files/160411/FlexDotnetCMS-1.5.8-Arbitrary-ASP-File-Upload.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2020-27386 - Security Vulnerability | QwikSec