CuteNews 2.1.2 Remote Code Execution

Facebooktwittergoogle_plusredditpinterestlinkedinmail

This Metasploit module exploits a command execution vulnerability in CuteNews prior to version 2.1.2. The attacker can infiltrate the server through the avatar upload process in the profile area. There is no realistic control of the $imgsize function in “/core/modules/dashboard.php” Header content of the file can be changed and the control can be bypassed. We can use the “GIF” header for this process. An ordinary user is enough to exploit the vulnerability. No need for admin user. The module creates a file for you and allows RCE.

Facebooktwittergoogle_plusredditpinterestlinkedinmail