#VU75601 External Control of File Name or Path in Moodle - CVE-2023-30943

Cybersecurity Help s.r.o.

Published: 2023-05-01 | Updated: 2024-07-05

Vulnerability identifier: #VU75601

Vulnerability risk: Low

CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2023-30943

CWE-ID: CWE-73

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Moodle
Web applications / Other software

Vendor: moodle.org

Description

The vulnerability allows a remote user to create arbitrary folders on the system.

The vulnerability exists due to application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Moodle: 4.1.0 - 4.1.2

External links
https://moodle.org/mod/forum/discuss.php?d=446285

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Fedora 36 update for moodle

Fedora 37 update for moodle

Fedora 38 update for moodle

Multiple vulnerabilities in Moodle