Severity by source
AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server.
By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.
Analysis
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user input in SOAP admin services. A malicious actor with administrative privileges can upload an arbitrary file to a user-controlled location on the server.
By leveraging this vulnerability, an attacker could upload a specially crafted payload, potentially achieving remote code execution (RCE) on the server. Exploitation requires valid admin credentials, limiting its impact to authorized but potentially malicious users.
Technical ContextAI
Unrestricted file upload allows attackers to upload malicious files (web shells, executables) that can then be executed on the server. This vulnerability is classified as Unrestricted Upload of File with Dangerous Type (CWE-434).
RemediationAI
Validate file types by content (magic bytes), not just extension. Store uploads outside the web root. Use random filenames. Scan uploads for malware.
Same technique File Upload
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2024-54628