HackDig : Dig high-quality web security articles

AdaptCMS 3.0.3 Remote Command Execution Exploit

2015-01-05 16:45
Title: AdaptCMS 3.0.3 Remote Command Execution Exploit
Advisory ID: ZSL-2015-5220
Type: Local/Remote
Impact: System Access
Risk: (4/5)
Release Date: 05.01.2015
Summary
AdaptCMS is a Content Management System trying to be both simple and easy to use, as well as very agile and extendable. Not only so we can easily create Plugins or additions, but so other developers can get involved. Using CakePHP we are able to achieve this with a built-in plugin system and MVC setup, allowing us to focus on the details and end-users to focus on building their website to look and feel great.
Description
AdaptCMS suffers from an authenticated arbitrary command execution vulnerability. The issue is caused by insufficient server-side verification of uploaded files. An authenticated user can create or upload a malicious PHP script, which is stored in the web-accessible 'app/webroot/uploads' directory and then executed by the PHP interpreter when requested, giving arbitrary code execution in the context of the web server.
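The advisory names the flaw (uploaded files are not properly verified before landing in the webroot) but does not publish the affected handler or the PoC. As an added illustration of that vulnerability class, and not AdaptCMS's own code, the PHP below contrasts an upload handler that trusts client-supplied data with a hardened version. The upload directory layout, the form field name and the allowed image types are assumptions for the example.

```php
<?php
// Added example, not AdaptCMS code. Demonstrates why trusting the
// client-supplied filename and Content-Type lets a .php file reach a
// web-served directory, and what a server-side check looks like.
declare(strict_types=1);

// Assumed layout: mirrors the 'app/webroot/uploads' path from the advisory.
const UPLOAD_DIR = __DIR__ . '/app/webroot/uploads';

// VULNERABLE: $file['type'] and $file['name'] come straight from the
// multipart request, so the uploader controls both. A part named
// "shell.php" sent with "Content-Type: image/jpeg" passes this check
// and is written under the webroot, where PHP executes it on the next GET.
function store_upload_vulnerable(array $file): string
{
    if (!in_array($file['type'], ['image/jpeg', 'image/png', 'image/gif'], true)) {
        throw new RuntimeException('not an image');
    }
    $dest = UPLOAD_DIR . '/' . basename($file['name']);
    move_uploaded_file($file['tmp_name'], $dest);
    return $dest;
}

// HARDENED: every decision is made from data the server derives itself.
function store_upload_hardened(array $file): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }

    // 1. Allowlist extensions and map each to the one MIME type it may carry.
    //    Only the final extension is inspected, so "x.php.jpg" is judged as "jpg"
    //    here and is neutralised by the renaming in step 4.
    $allowed = [
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
    ];
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!isset($allowed[$ext])) {
        throw new RuntimeException('extension not allowed');
    }

    // 2. Sniff the real content type from the file bytes (libmagic), not the header.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime = $finfo->file($file['tmp_name']);
    if ($mime !== $allowed[$ext]) {
        throw new RuntimeException('content does not match extension');
    }

    // 3. Require the bytes to parse as an image at all.
    if (getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not a valid image');
    }

    // 4. Never reuse the client's filename: random name, extension from the allowlist.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);
    return $dest;
}

// Typical call site (assumed form field name "picture"):
// $path = store_upload_hardened($_FILES['picture']);
```

The renaming in step 4 also closes the double-extension case that an extension check alone leaves open, and a JPEG with PHP embedded in its metadata is stored but never executed because it can only ever be served as `*.jpg`. Defence in depth is still worth adding on the server that the advisory lists (Apache 2.4): deny script execution inside the upload directory, for example with `php_flag engine off` in `app/webroot/uploads/.htaccess` under mod_php, or a `<FilesMatch "(?i)\.(php|phtml|phar)$"> Require all denied </FilesMatch>` block for that directory, so a future upload bypass yields a dead file rather than a shell.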
Vendor
Insane Visions - http://www.adaptcms.com
Affected Version
3.0.3
Tested On
Apache 2.4.10 (Win32)
PHP 5.6.3
MySQL 5.6.21
Vendor Status
N/A
PoC
adaptcms_rce.py
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
N/A
Changelog
[05.01.2015] - Initial release
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk


Source: www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5220.php
