CVE-2018-18830: Malicious File Upload
First published: Tue Oct 30 2018(Updated: )
An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting a cookie. First, start an upload of JSP code with a .png filename, and then intercept the data packet. In the name parameter, change the suffix to jsp. In the response, the server returns the storage path of the file, which can be accessed to execute arbitrary JSP code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mingsoft MCMS | =4.6.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-18830?
CVE-2018-18830 is a vulnerability in MCMS 4.6.5 that allows unauthorized file uploads.
How severe is CVE-2018-18830?
CVE-2018-18830 is classified as critical with a severity value of 9.8.
How does CVE-2018-18830 affect Mingsoft MCMS?
CVE-2018-18830 affects Mingsoft MCMS version 4.6.5.
How can an attacker exploit CVE-2018-18830?
An attacker can exploit CVE-2018-18830 by uploading unauthorized files without setting a cookie.
Is there a fix for CVE-2018-18830?
There is no known fix for CVE-2018-18830 at this time.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/mingsoft
- canonical/mingsoft mcms
- version/mingsoft mcms/4.6.5