Published: 07/02/2020 Updated: 11/02/2020
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 695
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

vtiger vtiger crm 5.3.0

vtiger vtiger crm 5.4.0


## # This module requires Metasploit: http//metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'vT ...

Metasploit Modules

vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution

vTiger CRM allows an authenticated user to upload files to embed within documents. Due to insufficient privileges on the 'files' upload folder, an attacker can upload a PHP script and execute arbitrary PHP code remotely. This module was tested against vTiger CRM v5.4.0 and v5.3.0.

msf > use exploit/multi/http/vtiger_php_exec
      msf exploit(vtiger_php_exec) > show targets
      msf exploit(vtiger_php_exec) > set TARGET <target-id>
      msf exploit(vtiger_php_exec) > show options
            ...show and set options...
      msf exploit(vtiger_php_exec) > exploit