There is an arbitrary file upload vulnerability in the WordPress plugin WebApp-builder. The vulnerability is in the images.php file, which performs no authentication check and does not validate the type of the file being uploaded. A remote unauthenticated attacker can send a request to images.php that uploads a file containing executable code. This could lead to a complete compromise of the server.
Exploitation
Stages
- The remote unauthenticated attacker sends a request to images.php that uploads a file to the server.
- The server responds successfully and returns the location of the stored file.
Prerequisites
The attacker must be able to send crafted packets to the target system.
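As an added illustration (not Alert Logic's signature and not the plugin's code), the following Python shows the kind of check a network sensor would apply to the exploitation stage above: a POST to images.php carrying a multipart file part whose name has a PHP-executable extension or whose content contains a PHP open tag. The plugin directory, boundary, extension list and sample requests are constructed placeholders, since the page does not give them.

```python
import re
EXEC_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar", "phps"}  # PHP-executable extensions (constructed)
PHP_TAG = re.compile(rb"<\?(?:php\b|=)", re.IGNORECASE)
BOUNDARY = "----constructedBoundary1234"  # constructed sample boundary

def build_request(filename: str, content: bytes) -> bytes:
    # Construct a sample multipart POST to images.php (the plugin directory is a placeholder).
    body = (f"--{BOUNDARY}\r\nContent-Disposition: form-data; name=\"file\"; "
            f"filename=\"{filename}\"\r\nContent-Type: application/octet-stream\r\n\r\n"
            ).encode("latin-1") + content + f"\r\n--{BOUNDARY}--\r\n".encode("latin-1")
    head = (f"POST /wp-content/plugins/EXAMPLE-PLUGIN-DIR/images.php HTTP/1.1\r\nHost: example.test\r\n"
            f"Content-Type: multipart/form-data; boundary={BOUNDARY}\r\n\r\n").encode("latin-1")
    return head + body

def parse_request(raw: bytes):
    # Split a raw HTTP/1.1 request into (method, path, lower-cased header dict, body).
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.decode("latin-1").split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {k.strip().lower(): v.strip() for k, _, v in (h.partition(":") for h in header_lines)}
    return method, target.split("?", 1)[0], headers, body

def multipart_files(content_type: str, body: bytes):
    # Yield (filename, content) for every file part of a multipart/form-data body.
    m = re.search(r'boundary="?([^";]+)"?', content_type)
    if not m:
        return
    delim = b"--" + m.group(1).encode("latin-1")
    for part in body.split(delim)[1:]:
        if part.startswith(b"--"):  # closing delimiter reached
            break
        part_head, _, content = part.lstrip(b"\r\n").partition(b"\r\n\r\n")
        fn = re.search(rb'filename="([^"]*)"', part_head)
        if fn:
            yield fn.group(1).decode("latin-1"), content.rstrip(b"\r\n")

def flag_upload(raw: bytes) -> list:
    # Reasons a request looks like an executable-file upload to images.php; [] when it does not.
    method, path, headers, body = parse_request(raw)
    ctype = headers.get("content-type", "")
    if method != "POST" or not path.endswith("/images.php") or "multipart/form-data" not in ctype:
        return []
    reasons = []
    for filename, content in multipart_files(ctype, body):
        if {e.lower() for e in filename.split(".")[1:]} & EXEC_EXTS:  # any extension, so x.php.jpg is caught
            reasons.append(f"executable extension in filename {filename!r}")
        if PHP_TAG.search(content):
            reasons.append(f"PHP open tag inside upload {filename!r}")
    return reasons
```

A benign image upload returns an empty list, while a part named with a PHP extension or carrying a PHP open tag returns one reason per matching check.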
Alert Logic Coverage
Alert Logic® has evaluated its customer base for exposure to the exploit and has developed signatures for mitigating the threat depending on the security service in place.
The Network-Based Intrusion Detection System (IDS) delivered through Alert Logic Threat Manager™ has been updated with new signatures for this exploit. When one of these signatures is detected, an incident is generated in the Alert Logic console.
Recommendations for Mitigation
Upgrade to a non-vulnerable version to mitigate this vulnerability.