CVE-2023-26578

Arbitrary file upload to web root in the IDAttend’s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP or ASPX, gaining command execution on the affected server.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.themissinglink.com.au/security-advisories/cve-2023-26578	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:idattend:idweb:3.1.013:*:*:*:*:*:*:*

History

28 Oct 2023, 03:22

Type	Values Removed	Values Added
References	~~(MISC) https://www.themissinglink.com.au/security-advisories/cve-2023-26578 -~~	(MISC) https://www.themissinglink.com.au/security-advisories/cve-2023-26578 - Third Party Advisory
CPE		cpe:2.3:a:idattend:idweb:3.1.013:::::::*
First Time		Idattend Idattend idweb
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 8.8
CWE		CWE-434

25 Oct 2023, 18:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-10-25 18:17

Updated : 2023-12-10 15:14

NVD link : CVE-2023-26578

Mitre link : CVE-2023-26578

CVE.ORG link : CVE-2023-26578

JSON object : View

Products Affected

idattend

idweb

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2023-26578", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "vdp@themissinglink.com.au", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-10-25T18:17:25.837", "references": [{"url": "https://www.themissinglink.com.au/security-advisories/cve-2023-26578", "tags": ["Third Party Advisory"], "source": "vdp@themissinglink.com.au"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}, {"type": "Secondary", "source": "vdp@themissinglink.com.au", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Arbitrary file upload to web root in the IDAttend\u2019s IDWeb application 3.1.013 allows authenticated attackers to upload dangerous files to web root such as ASP or ASPX, gaining command execution on the affected server. "}, {"lang": "es", "value": "La carga arbitraria de archivos a la ra\u00edz de la web en la aplicaci\u00f3n IDWeb 3.1.013 de IDAttend permite a atacantes autenticados cargar archivos peligrosos a la ra\u00edz web, como ASP o ASPX, obteniendo la ejecuci\u00f3n de comandos en el servidor afectado."}], "lastModified": "2023-10-28T03:22:06.693", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:idattend:idweb:3.1.013:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E83E186-DB76-4468-9BDE-E15B437E81EB"}], "operator": "OR"}]}], "sourceIdentifier": "vdp@themissinglink.com.au"}