Arbitrary file uploads via BlogAPI in Drupal - #VU539
Published: September 19, 2016 / Updated: February 17, 2017
Vulnerability identifier: #VU539
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Drupal
Affected software:
Drupal
Drupal
Detailed vulnerability description
The vulnerability allows a remote user to download harmful files to compromise the target system.
The weaness is caused by improper validation of uploaded files extension by BlogAPI module that allows attackers to insert certain files or data.
Successful exploitation of the vulnerability may result in malicious files uploading and vulnerable system compromising.
The weaness is caused by improper validation of uploaded files extension by BlogAPI module that allows attackers to insert certain files or data.
Successful exploitation of the vulnerability may result in malicious files uploading and vulnerable system compromising.
Remediation
Update 5.x to 5.10.
http://ftp.drupal.org/files/projects/drupal-5.10.tar.gz
Update 6.x to 6.4.
http://ftp.drupal.org/files/projects/drupal-6.4.tar.gz
http://ftp.drupal.org/files/projects/drupal-5.10.tar.gz
Update 6.x to 6.4.
http://ftp.drupal.org/files/projects/drupal-6.4.tar.gz