#VU12312 Desereliazation of untrusted data in Apache Commons FileUpload


Published: 2018-05-01 | Updated: 2021-07-19

Vulnerability identifier: #VU12312

Vulnerability risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-1000031

CWE-ID: CWE-502

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Apache Commons FileUpload
Server applications / Frameworks for developing and running applications

Vendor: Apache Foundation

Description
The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists in DiskFileItem class of the FileUpload library due to deserialization of untrusted data. A remote attacker can execute arbitrary code under the context of the current process.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Apache Commons FileUpload: 1.3.2

External links
http://issues.apache.org/jira/browse/FILEUPLOAD-279

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM App Connect for Healthcare
Multiple vulnerabilities in IBM Application Performance Management products
Multiple vulnerabilities in IBM TRIRIGA Application Platform
Multiple vulnerabilities in Oracle Enterprise Data Quality
Multiple vulnerabilities in Enterprise Manager Base Platform
Multiple vulnerabilities in Siebel Apps - Marketing
Multiple vulnerabilities in Oracle REST Data Services
Multiple vulnerabilities in Oracle Communications Contacts Server
Multiple vulnerabilities in Oracle Database Server
Multiple vulnerabilities in Oracle Knowledge