CVE-2024-0352
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
2Tags
Description
A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250120.
Analysis
Likeshop e-commerce platform through version 2.5.7.20210311 contains a critical unrestricted file upload vulnerability in the FileServer::userFormImage function. Unauthenticated attackers can upload PHP webshells via crafted HTTP POST requests, achieving remote code execution on the server.
Technical Context
The FileServer::userFormImage method in server/application/api/controller/File.php processes file uploads without validating file extensions or content types. An attacker can upload a .php file by sending a POST request with a crafted multipart/form-data body. The uploaded file is stored in a web-accessible directory and can be directly executed.
Affected Products
['Likeshop <= 2.5.7.20210311', 'Likeshop open-source e-commerce platform']
Remediation
Update Likeshop to the latest version. Implement server-level file upload restrictions allowing only image extensions. Configure the upload directory to disallow script execution. Add authentication requirements to all file upload endpoints.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today