CISA KEV 정보
| 취약점명 | dotCMS Unrestricted Upload of File Vulnerability |
|---|---|
| 설명 | dotCMS ContentResource API contains an unrestricted upload of file with a dangerous type vulnerability that allows for directory traversal, in which the file is saved outside of the intended storage location. Exploitation allows for remote code execution. |
| 조치사항 | Apply updates per vendor instructions. |
| 랜섬웨어 캠페인 악용 | Known |
| CWE | CWE-22 | CWE-138 |
| 등록일 (KEV) | 2022-08-25 |
| 조치 기한 | 2022-09-15 |
| 추가 참고 | https://www.dotcms.com/security/SI-62; https://nvd.nist.gov/vuln/detail/CVE-2022-26352 |
NVD 상세 정보
CVSS v3.1: 9.8 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVSS v2.0: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P설명: An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.
참조
- http://packetstormsecurity.com/files/167365/dotCMS-Shell-Upload.html [Exploit, Third Party Advisory, VDB Entry]
- https://groups.google.com/g/dotcms [Permissions Required, Third Party Advisory]
- http://packetstormsecurity.com/files/167365/dotCMS-Shell-Upload.html [Exploit, Third Party Advisory, VDB Entry]
- https://groups.google.com/g/dotcms [Permissions Required, Third Party Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26352 [US Government Resource]
This product uses the NVD API but is not endorsed or certified by the NVD.