File Upload Vulnerability in osTicket by osTicket Developers
CVE-2017-15580

9.8CRITICAL

Key Information:

Vendor

Osticket

Status
Osticket
Vendor
CVE Published:
23 October 2017

What is CVE-2017-15580?

osTicket version 1.10.1 contains a flaw in its handling of file uploads. The application permits users to upload files with an '.html' extension without properly validating the content of these files. This oversight allows attackers to exploit the system by uploading malicious files disguised with a different extension, such as .exe. Consequently, this facilitates unauthorized file uploads, potentially leading to execution of harmful scripts on the web server.

References

https://becomepentester.blogspot.com/2017/10/osTicket-Fil...
x_refsource_MISC
https://packetstormsecurity.com/files/144747/osticket1101...
x_refsource_MISC
https://www.exploit-db.com/exploits/45169/
exploitx_refsource_EXPLOIT-DB

EPSS Score

35% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.