Main Vulnerability Database SB2018101901

SB2018101901 - Arbitrary file upload in jQuery File Upload plugin

Published: October 19, 2018

Security Bulletin ID SB2018101901

Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Arbitrary file upload (CVE-ID: CVE-2018-9206)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists in the plugin's source code that handles file uploads to PHP servers due to software allows upload of arbitrary files to the system. A remote unauthenticated attacker can upload arbitrary .htaccess file to impose security restrictions to its upload folder and upload backdoors and web shells.

Note: The vulnerability has been actively exploited for at least 3 years.

Remediation

Install update from vendor's website.

References

http://www.vapidlabs.com/advisory.php?v=204