An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save.
An attacker sends a crafted HTTP POST request to the /index.php?s=/admin/develop/editor_save endpoint, passing malicious input data. The application does not properly validate the submitted content, resulting in server-side code execution. The vulnerability is classified as CWE-74 (injection) and CWE-75 (improper neutralization of special elements), indicating a lack of proper data filtering in the editor save mechanism.
An attacker can remotely execute arbitrary code on the server without any authentication, which may lead to complete system compromise, data breach, and violation of application integrity and availability.
Apply patches available from the vendor according to the references. Until the fix is applied, it is recommended to restrict access to the /index.php?s=/admin/develop/editor_save endpoint at the firewall or reverse proxy level and monitor traffic for unauthorized POST requests.
Skycaiji version 2.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSkycaiji
APPSkycaiji2.8
Related vulnerabilities
Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/My...
Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/con...
SkyCaiji 1.2 allows CSRF to add an Administrator user.
A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects the function...
A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. This vulnerability affects t...