Vendor: Dotclear
By: Ahmet Ümit BAYRAM
CVSS: 8.1
Severity: CRITICAL
Type: Remote Code Execution (RCE)
CWE: 434
Product Name: Dotclear
Affected Version From: 2.29
Affected Version To: 2.29
Patch Exists: NO
Related CWE: CVE-2024-XXXX (yet to be assigned)
CPE: a:dotclear:dotclear:2.29
Platforms Tested: MacOS
2024
Dotclear 2.29 – Remote Code Execution (RCE)
Dotclear version 2.29 is vulnerable to remote code execution (RCE) due to improper input validation. An attacker can exploit this vulnerability to upload and execute malicious scripts on the server, leading to unauthorized access and control over the system. The vulnerability was discovered by Ahmet Ümit BAYRAM on 26.04.2024.
Mitigation:
To mitigate this vulnerability, update Dotclear to the latest version and implement proper input validation and sanitization. Additionally, restrict access to sensitive server directories and regularly monitor for unauthorized file uploads.