An arbitrary file upload vulnerability in the component admin\plugin.php of Emlog Pro v2.5.3 allows attackers to execute arbitrary code via uploading a crafted Zip file.
The vulnerability mechanism is based on the lack of proper validation of uploaded files (CWE-434 – Unrestricted Upload of File with Dangerous Type). The attacker uploads a crafted Zip file to the plugin handling component (admin\plugin.php). On the server side, the file is extracted and processed without verification of its contents, which allows placement of a malicious executable file (e.g., webshell) in the application's accessible directory. As a result, the attacker can invoke this file and execute arbitrary system commands.
An attacker can gain full control over the server – execute arbitrary code (RCE), access confidential data, modify application content, or use the server as a launching point for further attacks on the internal network.
Apply patches available from the vendor according to the references (https://www.emlog.net/). Until the update is applied, it is recommended to restrict access to the administrative panel exclusively to trusted IP addresses and monitor the plugins directory for unauthorized files.
Emlog Pro v2.5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HEmlog
APPEmlog2.5.3
Related vulnerabilities
Emlog: nieautoryzowany upload pliku PHP przez REST API — RCE
Emlog Pro – arbitralne usuwanie plików przez path traversal
RCE przez dowolne przesyłanie plików w Emlog Pro 2.5.7
An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers...
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attacke...