Vulnerability identifier: #VU30544
Vulnerability risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-22
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
TYPO3
Web applications /
CMS
Vendor: TYPO3
Description
The vulnerability allows a remote privileged user to execute arbitrary code.
An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and 10.x before 10.2.2. It has been discovered that the extraction of manually uploaded ZIP archives in Extension Manager is vulnerable to directory traversal. Admin privileges are required in order to exploit this vulnerability. (In v9 LTS and later, System Maintainer privileges are also required.)
Mitigation
Install update from vendor's website.
Vulnerable software versions
TYPO3: 10.0.0 - 10.2.1
External links
http://review.typo3.org/q/%2522Resolves:+%252388764%2522+topic:security
http://typo3.org/security/advisory/typo3-core-sa-2019-024/
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.