Arbitrary file upload in geoserver - CVE-2023-51444

Published: March 19, 2024 / Updated: May 5, 2026


Vulnerability identifier: #VU129750
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-51444
CWE-ID: CWE-434
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: geoserver
Affected software:
geoserver

Detailed vulnerability description

The vulnerability allows a remote authenticated user with privileges to modify coverage stores to execute arbitrary code on the GeoServer host.

The vulnerability exists due to insufficient validation of the destination path in the REST Coverage Store API when it handles file upload requests for a coverage store whose location is configured as an absolute path. The uploaded file is written relative to the store's configured location instead of being confined to the GeoServer data directory, so a remote user with permission to modify coverage stores can write attacker-controlled file contents to any location the GeoServer process can write to, and thereby execute arbitrary code.

Because GeoServer's security configuration files live in the data directory, the same attacker can also overwrite them to escalate to full administrator privileges.
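The following is an added example, not GeoServer's own code, of the containment check this class of bug (CWE-434 combined with an unconfined destination path) needs. It assumes a data directory layout in which uploads may only land under <data_dir>/data/, that store locations arrive as plain paths or file: URLs, and that the data directory path itself is trusted; all of those are assumptions for illustration. Paths are handled as strings with posixpath so the check runs without touching the filesystem, and it rejects both an absolute store location pointing outside the upload root and a client-supplied filename carrying directory components.

```python
"""Containment check for coverage-store file uploads (added example, not
GeoServer code).

Assumptions (hypothetical, for illustration only):
  * data_dir is the GeoServer data directory, e.g. /var/lib/geoserver.
  * Uploaded raster files may only be written under <data_dir>/data/.
  * A store location is a plain path or a 'file:' URL, either relative
    to data_dir ('file:data/ws/store') or absolute ('file:///abs/path').
"""
import posixpath

UPLOAD_ROOT = "data"  # assumed: only <data_dir>/data/... may receive uploads


class UploadRejected(ValueError):
    """Raised when an upload would land outside the permitted root."""


def store_directory(data_dir, store_location):
    """Turn a coverage-store location into an absolute, normalised directory.

    'file://' and 'file:' prefixes are stripped; a relative location is rooted
    at data_dir, an absolute one is kept as supplied (this is exactly the case
    that needs the later containment check).
    """
    loc = store_location
    if loc.startswith("file://"):
        loc = loc[len("file://"):]   # keeps the leading '/' of an absolute path
    elif loc.startswith("file:"):
        loc = loc[len("file:"):]
    if not posixpath.isabs(loc):
        loc = posixpath.join(data_dir, loc)
    return posixpath.normpath(loc)


def is_within(path, root):
    """True if the normalised path equals root or lies strictly below it.

    The trailing '/' on the prefix test prevents '/x/data2' from matching
    a root of '/x/data'.
    """
    path = posixpath.normpath(path)
    root = posixpath.normpath(root)
    return path == root or path.startswith(root.rstrip("/") + "/")


def upload_target(data_dir, store_location, filename):
    """Return the absolute path an upload would be written to, or raise
    UploadRejected.

    Two independent checks: the client-supplied filename must be a bare
    name (no '/' and not '.' or '..'), and the store's directory, resolved
    from its configured location, must sit under <data_dir>/data/. The
    final target is checked again as defence in depth.
    """
    if filename != posixpath.basename(filename) or filename in ("", ".", ".."):
        raise UploadRejected(f"filename must be a bare file name: {filename!r}")
    root = posixpath.join(data_dir, UPLOAD_ROOT)
    store_dir = store_directory(data_dir, store_location)
    if not is_within(store_dir, root):
        raise UploadRejected(f"store directory {store_dir} is outside {root}")
    target = posixpath.normpath(posixpath.join(store_dir, filename))
    if not is_within(target, root):
        raise UploadRejected(f"target {target} escapes {root}")
    return target


def is_rejected(data_dir, store_location, filename):
    """Convenience wrapper: True if upload_target refuses the request."""
    try:
        upload_target(data_dir, store_location, filename)
    except UploadRejected:
        return True
    return False


if __name__ == "__main__":
    # Constructed inputs: a normal relative store, an absolute store that
    # stays inside the upload root, and two that try to reach the security
    # directory or the host filesystem.
    dd = "/var/lib/geoserver"
    print(upload_target(dd, "file:data/ws/raster", "cover.tif"))
    print(upload_target(dd, "file:///var/lib/geoserver/data/ws/raster", "cover.tif"))
    for loc, name in [("file:///var/lib/geoserver/security", "users.xml"),
                      ("file:///etc/cron.d", "job"),
                      ("file:data/ws/raster", "../../security/users.xml"),
                      ("file:data/ws/../../security", "users.xml")]:
        print(loc, name, "rejected" if is_rejected(dd, loc, name) else "ALLOWED")
```

The check deliberately does not trust the store location just because it was saved by an authenticated user: the page's point is that the permission to modify a coverage store is exactly what the attacker holds, so the server must confine the resulting write regardless of what the store record says.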


How to mitigate CVE-2023-51444

Install the security update from the vendor's website. Until it is applied, limit the set of accounts that can modify coverage stores through the REST API, since that permission is what the attack requires, and review any existing coverage stores whose location is configured as an absolute path.

Sources