Vulnerability Description
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Typesettercms | Typesetter | >= 5.0, <= 5.1 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execu (Third Party Advisory, VDB Entry)
- http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execu (Exploit, Third Party Advisory, VDB Entry)
- http://seclists.org/fulldisclosure/2020/Oct/11 (Mailing List, Third Party Advisory)
- https://github.com/Typesetter/Typesetter/issues/674 (Third Party Advisory)
FAQ
What is CVE-2020-25790?
CVE-2020-25790 is a vulnerability with a CVSS score of 7.2 (HIGH). Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins ar...
How severe is CVE-2020-25790?
CVE-2020-25790 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-25790?
Check the references section above for vendor advisories and patch information. Affected products include: Typesettercms Typesetter.