An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code (e.g., ASP code) in the form of a safe file type (e.g., a TXT file), and then using the FileEditor (in v1.5.8 and prior) or the FileManager's rename function (in v1.5.7 and prior) to rename the file to an executable extension (e.g., ASP), and finally executing the file via an HTTP GET request to /<path_to_file>.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-12T18:15:14
Updated: 2024-08-04T16:11:36.668Z
Reserved: 2020-10-21T00:00:00
Link: CVE-2020-27386
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-11-12T19:15:15.207
Modified: 2022-12-06T21:18:24.263
Link: CVE-2020-27386
Redhat
No data.