Arbitrary file upload in formidable

#VU65264 Arbitrary file upload in formidable

Published: 2022-07-21 | Updated: 2022-07-22

Vulnerability identifier: #VU65264

Vulnerability risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-29622

CWE-ID: CWE-434

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
formidable
Other software / Other software solutions

Vendor: Charlike Mike Reagent

Description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient validation of file extension when uploading files. A remote attacker can upload and execute arbitrary file on the system.

Mitigation
Install update from vendor's website.

Vulnerable software versions

formidable: 3.1.4

External links
http://www.youtube.com/watch?v=C6QPKooxhAo
http://medium.com/@zsolt.imre/is-cybersecurity-the-next-supply-chain-vulnerability-9a00de745022
http://github.com/node-formidable/formidable/issues/856
http://github.com/node-formidable/formidable/issues/862

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Netcool Operations Insight

Arbitrary file upload in formidable

Code execution in IBM App Connect Enterprise Certified Container DesignerAuthoring