CVE-2017-15285
Last modified
CVE-2017-15285 is a vulnerability of currently unknown severity. X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. EPSS estimates a 2.07% chance of exploitation in the next 30 days.
Description
X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. This vulnerability can be exploited by anyone with Vendor access or higher. One attack methodology is to upload an image file in the Attachments section of a product catalog, upload a .php file with an "Add File Via URL" action, and change the image's Description URL to reference the .php URL in the attachments/ directory.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualiteam | X-Cart | 5.2.23 |
| Qualiteam | X-Cart | 5.3.1.9 |
| Qualiteam | X-Cart | 5.3.2.13 |
| Qualiteam | X-Cart | 5.3.3.0 |
References
- https://sxcurity.github.io/PHP%20Code%20Injection%20in%20X-Cart.pdfExploit, Third Party Advisory
- https://sxcurity.github.io/PHP%20Code%20Injection%20in%20X-Cart.pdfExploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-15285?
How severe is CVE-2017-15285?
How do I fix CVE-2017-15285?
Are you affected by CVE-2017-15285?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST