{ "Name": "Adobe ColdFusion upload.cfm file upload (CVE-2018-15961)", "Description": "Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.", "Product": "Adobe-ColdFusion", "Homepage": "https://www.adobe.com/", "DisclosureDate": "2021-06-08", "Author": "gobysec@gmail.com", "GobyQuery": "app=\"Adobe-ColdFusion\"||header=\".cfusion\"", "Level": "3", "Impact": "
As a result, hackers can upload malicious files to the server to obtain the server permissions.
1. The execution permission is disabled in the storage directory of the uploaded file.
2. File suffix white list.
3. Upgrade to the latest version.
", "References": [ "https://nosec.org/home/detail/1958.html" ], "HasExp": true, "ExpParams": null, "ExpTips": { "Type": "", "Content": "" }, "ScanSteps": [ "AND", { "Request": { "method": "GET", "uri": "/test.php", "follow_redirect": true, "header": {}, "data_type": "text", "data": "" }, "ResponseTest": { "type": "group", "operation": "AND", "checks": [ { "type": "item", "variable": "$code", "operation": "==", "value": "200", "bz": "" }, { "type": "item", "variable": "$body", "operation": "contains", "value": "test", "bz": "" } ] }, "SetVariable": [] } ], "ExploitSteps": null, "Tags": [ "File Upload" ], "CVEIDs": null, "CVSSScore": "0.0", "AttackSurfaces": { "Application": null, "Support": null, "Service": null, "System": null, "Hardware": null } }