#VU12985 Unrestricted upload of file with dangerous type in Joomla!


Published: 2018-05-22 | Updated: 2018-05-23

Vulnerability identifier: #VU12985

Vulnerability risk: Low

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-11322

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Joomla!
Web applications / CMS

Vendor: Joomla!

Description

The vulnerability allows a remote attacker to upload files of a dangerous type to the server.

The vulnerability exists because the web application allows uploading of PHAR files, which certain web server configurations treat as executable PHP files. A remote attacker can upload a PHAR file and execute arbitrary PHP code on the target system.
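The following is an added example, not Joomla code or part of this bulletin. It models the CWE-434 defect described above with constructed extension lists: a denylist that omits `phar` lets such a file through, while the hardened filter checks every extension in the name, applies an allowlist, and refuses content carrying PHP markers (a PHAR stub must end in `__HALT_COMPILER();`). Names and lists here are assumptions, not Joomla's configuration.

```python
import re

# Constructed denylists modelling the state before and after a fix; the
# only difference is the 'phar' entry this advisory concerns.
DENYLIST_BEFORE_FIX = {"php", "php3", "php4", "php5", "php7", "phtml", "phps"}
DENYLIST_AFTER_FIX = DENYLIST_BEFORE_FIX | {"phar"}

# Allowlist of media extensions the upload endpoint should accept (assumed).
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf"}

# PHP open tags or the PHAR stub terminator mean this is not plain media,
# whatever the file is called.
_PHP_MARKERS = re.compile(rb"<\?php|<\?=|__HALT_COMPILER", re.IGNORECASE)


def extension_chain(filename: str) -> list[str]:
    """Every extension of a name, lowercased: 'a.phar.jpg' -> ['phar', 'jpg']."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    parts = base.split(".")
    return [p.lower() for p in parts[1:]] if len(parts) > 1 else []


def denylist_only_allows(filename: str, denylist: set[str]) -> bool:
    """The weak check: look only at the final extension against a denylist."""
    chain = extension_chain(filename)
    return bool(chain) and chain[-1] not in denylist


def hardened_verdict(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (allowed, reason): every extension component is checked, the
    last one must be allowlisted, and the bytes must not look like PHP."""
    chain = extension_chain(filename)
    if not chain:
        return False, "no extension"
    if any(ext in DENYLIST_AFTER_FIX for ext in chain):
        return False, "executable extension in name: " + ".".join(chain)
    if chain[-1] not in ALLOWED_EXTENSIONS:
        return False, "extension not in allowlist: " + chain[-1]
    if _PHP_MARKERS.search(data):
        return False, "content contains PHP markers"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: a minimal PHAR-style stub, harmless on its own.
    stub = b"<?php /* constructed sample */ __HALT_COMPILER(); ?>"
    print(denylist_only_allows("archive.phar", DENYLIST_BEFORE_FIX))  # True
    print(denylist_only_allows("archive.phar", DENYLIST_AFTER_FIX))   # False
    print(hardened_verdict("image.phar.jpg", b"\xff\xd8\xff\xe0JFIF"))
    print(hardened_verdict("photo.jpg", stub))
```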

Mitigation
Update to version 3.8.8.

Vulnerable software versions

Joomla!: 2.5.0 - 2.5.28, 3.0.0 - 3.0.4, 3.1.0 - 3.1.6, 3.2.0 - 3.2.7, 3.3.0 - 3.3.6, 3.4.0 - 3.4.8, 3.5.0 - 3.5.9, 3.6.0 - 3.6.5, 3.7.0 - 3.7.5, 3.8.0 - 3.8.7


External links
http://developer.joomla.org/security-centre.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
