Chamilo LMS File Upload Functionality Remote Code Execution
CVE-2023-4223

8.8HIGH

Key Information:

Vendor

Chamilo

Status
Chamilo
Vendor
CVE Published:
28 November 2023

What is CVE-2023-4223?

An unrestricted file upload vulnerability exists in Chamilo LMS up to version 1.11.24, specifically in the /main/inc/ajax/document.ajax.php file. This flaw allows authenticated users with a learner role to upload malicious PHP files, resulting in unauthorized remote code execution. Attackers could exploit this vulnerability to gain control over the affected server, posing a serious security risk. It is highly recommended that users update to the patched versions by reviewing advisories and applying the necessary updates to mitigate this security issue.

Affected Version(s)

Chamilo 0 <= 1.11.24

References

https://support.chamilo.org/projects/chamilo-18/wiki/secu...
vendor-advisory
https://starlabs.sg/advisories/23/23-4223
third-party-advisory
https://github.com/chamilo/chamilo-lms/commit/6f32625a012...
patch

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ngo Wei Lin (@Creastery) of STAR Labs SG Pte. Ltd. (@starlabs_sg)
.
CVE-2023-4223 : Chamilo LMS File Upload Functionality Remote Code Execution