CVE-2021-36581

Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://kooboo.com	Permissions Required Vendor Advisory
https://github.com/l00neyhacker/CVE-2021-36581/	Third Party Advisory
http://kooboo.com	Permissions Required Vendor Advisory
https://github.com/l00neyhacker/CVE-2021-36581/	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:kooboo:kooboo_cms:2.1.1.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-09-14 12:15

Updated : 2024-11-21 06:13

NVD link : CVE-2021-36581

Mitre link : CVE-2021-36581

CVE.ORG link : CVE-2021-36581

JSON object : View

Products Affected

kooboo

kooboo_cms

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2021-36581", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-09-14T12:15:09.847", "references": [{"url": "http://kooboo.com", "tags": ["Permissions Required", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/l00neyhacker/CVE-2021-36581/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://kooboo.com", "tags": ["Permissions Required", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/l00neyhacker/CVE-2021-36581/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server."}, {"lang": "es", "value": "Kooboo CMS versi\u00f3n 2.1.1.0, es vulnerable a una carga No Segura de archivos. Es posible subir cualquier extensi\u00f3n de archivo al servidor. El servidor no verifica la extensi\u00f3n del archivo y el probador fue capaz de subir un aspx al servidor"}], "lastModified": "2024-11-21T06:13:51.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kooboo:kooboo_cms:2.1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EBCB715-6C71-40FF-A7B3-798CB188B446"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}