DotCMS ContentResource API directory traversal leading to remote code execution
Severity | CVSS | Published | Added | Modified
---|---|---|---|---
8 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Jul 17, 2022 | Jan 11, 2023 | Jan 12, 2023
Description
An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution.
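The weakness described above is a filename taken straight from a multipart upload and used to build a storage path. The following added example, which is not part of the advisory and not dotCMS code, shows the two server-side controls a defender wants on that path: reduce the client-supplied name to a single path component and confirm the resolved path still lies under the storage root, and refuse server-executable extensions such as .jsp when anonymous uploads are allowed. It also includes a small detection helper that flags a traversal attempt in the raw name for logging. The storage root `/srv/uploads` and the blocked-extension set are constructed for the example.

```python
import os
import re
from urllib.parse import unquote

# Constructed policy for this example; the real dotCMS configuration is not on the page.
# .jsp is the extension the advisory names; the rest are common JSP variants.
BLOCKED_EXTENSIONS = {".jsp", ".jspx", ".jspf", ".jsw", ".jsv"}

# A ".." component in either separator style, anchored so "..foo" is not a false positive.
_TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def looks_like_traversal(raw_filename: str) -> bool:
    """Detection helper: True when the client-supplied name carries a '..' component,
    either literally or after one round of percent-decoding (e.g. %2e%2e%2f)."""
    decoded = unquote(raw_filename)
    return bool(_TRAVERSAL_RE.search(raw_filename) or _TRAVERSAL_RE.search(decoded))


def sanitize_filename(raw_filename: str) -> str:
    """Reduce an untrusted multipart filename to a single, printable path component.
    No percent-decoding is done here: a literal '%2e%2e%2f' is a harmless file name
    as long as nothing downstream decodes it again."""
    # Treat both '/' and '\' as directory separators and keep only the last component.
    name = raw_filename.replace("\\", "/").rsplit("/", 1)[-1]
    # Drop NUL and other non-printable characters that can truncate the name in native code.
    name = "".join(ch for ch in name if ch.isprintable()).strip()
    return name


def inspect_upload(storage_root: str, raw_filename: str) -> dict:
    """Decide whether an upload may be written and where; never raises for bad input."""
    result = {
        "accepted": False,
        "path": None,
        "reason": None,
        "traversal_attempt": looks_like_traversal(raw_filename),
    }
    name = sanitize_filename(raw_filename)
    if name in ("", ".", ".."):
        result["reason"] = "empty filename after sanitisation"
        return result

    ext = os.path.splitext(name)[1].lower()
    if ext in BLOCKED_EXTENSIONS:
        result["reason"] = f"blocked extension {ext}"
        return result

    # Defence in depth: whatever the sanitiser did, the resolved path must stay under root.
    root = os.path.realpath(storage_root)
    candidate = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, candidate]) != root:
        result["reason"] = "resolved path escapes storage root"
        return result

    result["accepted"] = True
    result["path"] = candidate
    return result


if __name__ == "__main__":
    # Constructed sample filenames of the kind a multipart Content-Disposition might carry.
    for raw in ("report.pdf", "../../webapps/ROOT/shell.jsp", "%2e%2e%2fcmd.jsp", ".."):
        print(raw, "->", inspect_upload("/srv/uploads", raw))
```

The `traversal_attempt` flag is deliberately separate from the accept/reject decision: a name that is rejected anyway is still worth logging and alerting on, because it indicates someone probing the endpoint rather than a user with an oddly named file.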
Solution
dotcms-CVE-2022-26352