Lucene search

MitreCVE-2018-17553

HistoryOct 03, 2018 - 8:29 p.m.

CVE-2018-17553

2018-10-0320:29:15

CWE-434

CWE-22

mitre

web.nvd.nist.gov

cve-2018-17553

unrestricted upload

file

dangerous type

directory traversal

naviwebs

navigate cms

remote code execution

post request

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.826

Percentile

98.5%

JSON

An “Unrestricted Upload of File with Dangerous Type” issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=…/…/…/navigate_info.php.

Affected configurations

Nvd

Node

naviwebsnavigate_cmsMatch2.8

VendorProductVersionCPE
naviwebsnavigate_cms2.8cpe:2.3:a:naviwebs:navigate_cms:2.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
naviwebs	navigate_cms	2.8	cpe:2.3:a:naviwebs:navigate_cms:2.8:::::::*

References

github.com/NavigateCMS/Navigate-CMS/commit/2bdcb8b3c5bb23851a2115db96585f1ac8cb2d1e

github.com/rapid7/metasploit-framework/pull/10704

www.exploit-db.com/exploits/45561/

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.826

Percentile

98.5%

JSON

Related for CVE-2018-17553