CVE-2018-17553 — HIGH (8.8)

Vulnerability Description

An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_info.php.

CVSS Score

8.8

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Naviwebs	Navigate Cms	2.8

Related Weaknesses (CWE)

CWE-22 CWE-434

References

https://github.com/NavigateCMS/Navigate-CMS/commit/2bdcb8b3c5bb23851a2115db96585PatchVendor Advisory
https://github.com/rapid7/metasploit-framework/pull/10704ExploitThird Party Advisory
https://www.exploit-db.com/exploits/45561/ExploitThird Party AdvisoryVDB Entry
https://github.com/NavigateCMS/Navigate-CMS/commit/2bdcb8b3c5bb23851a2115db96585PatchVendor Advisory
https://github.com/rapid7/metasploit-framework/pull/10704ExploitThird Party Advisory
https://www.exploit-db.com/exploits/45561/ExploitThird Party AdvisoryVDB Entry

FAQ

What is CVE-2018-17553?

CVE-2018-17553 is a vulnerability with a CVSS score of 8.8 (HIGH). An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution ...

How severe is CVE-2018-17553?

CVE-2018-17553 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-17553?

Check the references section above for vendor advisories and patch information. Affected products include: Naviwebs Navigate Cms.