Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1ybTNxLXFmcm0tZnJyds4AAYDv
TeamPass arbitrary file upload vulnerability
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability, an authenticated attacker has to tamper with parameters of a request to upload.files.php, in order to select the correct branch and be able to upload any arbitrary file. From there, it can simply access the file to execute code on the server.
Permalink: https://github.com/advisories/GHSA-rm3q-qfrm-frrvJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1ybTNxLXFmcm0tZnJyds4AAYDv
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 2 years ago
Updated: 11 days ago
CVSS Score: 7.5
CVSS vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-rm3q-qfrm-frrv, CVE-2017-15054
References:
- https://nvd.nist.gov/vuln/detail/CVE-2017-15054
- https://github.com/nilsteampassnet/TeamPass/commit/9811c9d453da4bd1101ff7033250d1fbedf101fc
- http://blog.amossys.fr/teampass-multiple-cve-01.html
- https://github.com/advisories/GHSA-rm3q-qfrm-frrv
Blast Radius: 4.5
Affected Packages
packagist:nilsteampassnet/teampass
Dependent packages: 0Dependent repositories: 4
Downloads: 23 total
Affected Version Ranges: < 2.1.27.9
Fixed in: 2.1.27.9
All affected versions:
All unaffected versions: 2.1.21, 2.1.26, 2.1.27, 3.0.0, 3.0.10, 3.1.0, 3.1.1