CVE-2017-15054 Information

Description

An arbitrary file upload vulnerability present in TeamPass before 2.1.27.9 allows remote authenticated users to upload arbitrary files leading to Remote Command Execution. To exploit this vulnerability an authenticated attacker has to tamper with parameters of a request to upload.files.php in order to select the correct branch and be able to upload any arbitrary file. From there it can simply access the file to execute code on the server.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

http://blog.amossys.fr/teampass-multiple-cve-01.html https://github.com/nilsteampassnet/TeamPass/commit/9811c9d453da4bd1101ff7033250d1fbedf101fc

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.5