exploitDog

CVE-2020-27304

Published: Oct 18, 2021
Source: redhat
CVSS3: 9.8
EPSS: Low

Description

The CivetWeb web library does not validate uploaded file paths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism via the mg_handle_form_request API. Web applications that use the file upload form handler and use parts of the user-controlled filename in the output path are susceptible to directory traversal.

A remote code execution vulnerability was found in CivetWeb (embeddable web server/library). Due to a directory traversal issue, an attacker is able to add or overwrite files that are subsequently executed, which leads to an impact on the confidentiality, integrity, and availability of the application.
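The weakness is in how the application turns the client-supplied filename (from the multipart Content-Disposition header that CivetWeb's form handler passes to the application) into an on-disk path. The following added example is not CivetWeb code and not the "embedded_c" sample; it shows the vulnerable shape the advisory describes beside a hardened path builder. UPLOAD_DIR, the function names, and the sample filenames are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed upload directory for this example (not a CivetWeb setting). */
#define UPLOAD_DIR "/var/uploads"

/* Vulnerable pattern: the client-supplied name is pasted into the path
 * unchanged, so a name such as "../../etc/cron.d/job" escapes UPLOAD_DIR.
 * Always returns 1 ("path built"). */
int unsafe_upload_path(const char *upload_dir, const char *client_filename,
                       char *out, size_t outlen)
{
    snprintf(out, outlen, "%s/%s", upload_dir, client_filename);
    return 1;
}

/* Hardened version: accept only a bare file name made of [A-Za-z0-9._-]
 * that is not composed solely of dots ("." or "..") and fits in the buffer.
 * Returns 1 and fills out on success, 0 if the name is rejected; a rejected
 * name should fail the upload rather than be silently renamed. */
int safe_upload_path(const char *upload_dir, const char *client_filename,
                     char *out, size_t outlen)
{
    size_t i, n;
    int only_dots = 1;

    if (client_filename == NULL)
        return 0;
    n = strlen(client_filename);
    if (n == 0 || n > 255)
        return 0;

    for (i = 0; i < n; i++) {
        unsigned char c = (unsigned char)client_filename[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
        /* The allow-list excludes '/' and '\\' (a client on any OS may send
         * either), NUL, control characters and non-ASCII bytes. */
        if (!ok)
            return 0;
        if (c != '.')
            only_dots = 0;
    }
    /* "." and ".." are directory references, not file names. */
    if (only_dots)
        return 0;

    /* Refuse rather than truncate: a truncated path is still a surprise. */
    if (snprintf(out, outlen, "%s/%s", upload_dir, client_filename) >= (int)outlen)
        return 0;
    return 1;
}

/* Demonstration driver: run both builders over benign and hostile names. */
int main(void)
{
    const char *names[] = { "report.pdf", "../../etc/cron.d/job", "..", "a\\b" };
    char path[512];
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++) {
        unsafe_upload_path(UPLOAD_DIR, names[i], path, sizeof path);
        printf("unsafe: %-24s -> %s\n", names[i], path);
        if (safe_upload_path(UPLOAD_DIR, names[i], path, sizeof path))
            printf("safe:   %-24s -> %s\n", names[i], path);
        else
            printf("safe:   %-24s -> rejected\n", names[i]);
    }
    return 0;
}
```

Validating the name only closes the traversal. The advisory's impact (files that are "subsequently executed") also depends on where uploads land: keep the upload directory outside the document root and outside any path the server, cron, or a loader will execute from, and create the files without execute permission.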

Statement

This issue only impacts CivetWeb-based web applications that use the built-in file upload form handler (a full working example is the "embedded_c" example in the CivetWeb sources). Red Hat Advanced Cluster Security includes code from CivetWeb in the Collector component; however, it does not use the file upload form handler and hence is not impacted by this vulnerability. This vulnerability is rated Low for Red Hat Advanced Cluster Security.

Affected packages

Platform                 Package                                          State          Advisory         Release
Red Hat Ceph Storage 2   ceph                                             Will not fix
Red Hat Ceph Storage 3   ceph                                             Will not fix
RHACS-3.67-RHEL-8        advanced-cluster-security/rhacs-rhel8-operator   Fixed          RHSA-2021:4902   Dec 1, 2021


Additional information

Severity: Important
Weakness: CWE-22
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=2016640
civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API

EPSS: 0.00995 (percentile 76%), Low
CVSS3: 9.8 Critical

Related entries (the same CVE in other sources)

ubuntu, CVSS3: 9.8, more than 4 years ago
Description identical to the redhat entry above.

nvd, CVSS3: 9.8, more than 4 years ago
Description identical to the redhat entry above.

msrc, CVSS3: 9.8, more than 1 year ago
No description.

debian, CVSS3: 9.8, more than 4 years ago
The CivetWeb web library does not validate uploaded filepaths when run ...

suse-cvrf, more than 4 years ago
Security update for civetweb
