CVE-2016-1713

Published: 14/04/2017 Updated: 02/04/2018
CVSS v2 Base Score: 8.5 | Impact Score: 10 | Exploitability Score: 6.8
CVSS v3 Base Score: 7.3 | Impact Score: 5.9 | Exploitability Score: 1.3
VMScore: 860
CVSS v2 Vector: AV:N/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Summary

Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000.

Vulnerable Product

vtiger vtiger crm 6.4.0

Exploits

##
# This module requires Metasploit: metasploit.com/download
# Current source: github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::FileDropper

  def initialize(info = {})
    super(update_info(info, ...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Exploit Title: Vtiger CRM <= 6.3.0 Authenticated Remote Code Execution
# Date: 2015-09-28
# Exploit Author: Benjamin Daniel Mussler
# Vendor Homepage: www.vtiger.com
# Software Link: www.vtiger.com/open-source-downloads/
# Version: 6.3.0 (and lower)
# Tested on: Linux (Ubuntu)
# C ...