CVE-2019-5009: Malicious File Upload
First published: Fri Jan 04 2019(Updated: )
Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. One can put PHP code into the image; PHP code can be executed using "<? ?>" tags, as demonstrated by a CompanyDetailsSave action. This bypasses the bad-file-extensions protection mechanism. It is related to actions/CompanyDetailsSave.php, actions/UpdateCompanyLogo.php, and models/CompanyDetails.php.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Vtiger Vtiger Crm | <=7.1.0 | |
| Vtiger Vtiger Crm | =7.1.0-hotfix1 | |
| <=7.1.0 | ||
| =7.1.0-hotfix1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-5009.
What is the severity of CVE-2019-5009?
The severity of CVE-2019-5009 is high with a CVSS score of 7.2.
What is the affected software?
The affected software is Vtiger CRM 7.1.0 before Hotfix2.
What is the impact of CVE-2019-5009?
CVE-2019-5009 allows an attacker to upload PHP files disguised as PNG images, potentially leading to remote code execution.
How can I fix CVE-2019-5009?
Apply Hotfix2 to Vtiger CRM 7.1.0 or upgrade to a version that includes the fix.
- collector/nvd-index
- agent/type
- agent/references
- agent/remedy
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/vtiger
- canonical/vtiger vtiger crm
- version/vtiger vtiger crm/7.1.0
- version/vtiger vtiger crm/7.1.0-hotfix1