Remote Code Execution Vulnerability in ImpressCMS by ImpressCMS
CVE-2022-24977

9.8CRITICAL

Key Information:

Vendor

Impresscms

Status
Impresscms
Vendor
CVE Published:
14 February 2022

What is CVE-2022-24977?

ImpressCMS prior to version 1.4.2 is susceptible to remote code execution through a directory traversal vulnerability. This flaw allows unauthenticated attackers to exploit the origName or imageName parameters, potentially leading to unsafe interactions with the CKEditor processImage.php script. Attackers can leverage this vulnerability by placing a malicious payload in the PHP_SESSION_UPLOAD_PROGRESS variable, given that the server configuration supports the upload_progress feature, ultimately compromising application integrity and security.

References

https://r0.haxors.org/posts?id=8
x_refsource_MISC
https://github.com/ImpressCMS/impresscms/commit/a66d7bb49...
x_refsource_MISC
https://github.com/ImpressCMS/impresscms/compare/1.4.1......
x_refsource_MISC

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.