CRITICAL🇵🇱 Wersja polska

CVE-2024-25414

CVSS 9.8v3.1pub. 2024-02-16upd. 2025-03-14

An arbitrary file upload vulnerability in /admin/upgrade of CSZ CMS v1.3.0 allows attackers to execute arbitrary code via uploading a crafted Zip file.

🤖 AI Analysis
How it works

The /admin/upgrade endpoint in CSZ CMS v1.3.0 does not properly validate the contents of uploaded Zip files (CWE-434 — unrestricted upload of file with dangerous type). An attacker can prepare a Zip archive containing a malicious executable file (e.g., webshell) and upload it to the vulnerable endpoint. After the archive is extracted by the application, the malicious file lands in an accessible location on the server, enabling its execution and arbitrary code execution.

Impact

An attacker can gain full control over the server by executing arbitrary code in the context of the web application process — including data theft, backdoor installation, or further lateral movement in the network.

Mitigation & patch

Patches available from the vendor should be applied according to the references. Until updating, it is recommended to restrict access to the /admin/upgrade endpoint at the firewall or web server level and monitor unauthorized file uploads.

Who is affected

CSZ CMS version 1.3.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cszcms Csz Cms

    APP
    Cszcms
    1.3.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-58307CRITICAL9.3PL ✓ten sam produkt

SQL Injection w CSZCMS 1.3.0 — funkcja podglądu członków

CVE-2022-27161CRITICAL9.8ten sam produkt

Csz Cms 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_viewUsers

CVE-2022-27162CRITICAL9.8ten sam produkt

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Members_editUser

CVE-2022-27163CRITICAL9.8ten sam produkt

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_editUser

CVE-2022-27164CRITICAL9.8ten sam produkt

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcms_admin_Users_viewUsers