cnvd - cnvd-2019-16055

CNVD-2019-16055

Vulnerability from cnvd - Published: 2019-05-30

Title

SiteServer CMS任意代码执行漏洞

Description

SiteServer CMS是一款开源、免费、企业级的CMS内容管理系统。 SiteServer CMS 6.9.0存在任意代码执行漏洞。该漏洞源于管理员可以添加允许的文件扩展名.aassp，因删除了“as”子字符串，所以扩展名被转换为.asp。远程攻击者可利用该漏洞执行任意代码。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://www.siteserver.cn/

Reference

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11401

Impacted products

Name
北京百容千域软件技术开发有限公司 Siteserver CMS 6.9.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11401"
    }
  },
  "description": "SiteServer CMS\u662f\u4e00\u6b3e\u5f00\u6e90\u3001\u514d\u8d39\u3001\u4f01\u4e1a\u7ea7\u7684CMS\u5185\u5bb9\u7ba1\u7406\u7cfb\u7edf\u3002\n\nSiteServer CMS 6.9.0\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ba1\u7406\u5458\u53ef\u4ee5\u6dfb\u52a0\u5141\u8bb8\u7684\u6587\u4ef6\u6269\u5c55\u540d.aassp\uff0c\u56e0\u5220\u9664\u4e86\u201cas\u201d\u5b50\u5b57\u7b26\u4e32\uff0c\u6240\u4ee5\u6269\u5c55\u540d\u88ab\u8f6c\u6362\u4e3a.asp\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "unknow",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://www.siteserver.cn/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-16055",
  "openTime": "2019-05-30",
  "products": {
    "product": "\u5317\u4eac\u767e\u5bb9\u5343\u57df\u8f6f\u4ef6\u6280\u672f\u5f00\u53d1\u6709\u9650\u516c\u53f8 Siteserver CMS 6.9.0"
  },
  "referenceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11401",
  "serverity": "\u4e2d",
  "submitTime": "2019-04-22",
  "title": "SiteServer CMS\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2019-11401 (GCVE-0-2019-11401)

Vulnerability from cvelistv5 – Published: 2019-04-21 15:37 – Updated: 2024-08-04 22:55

Summary

A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://github.com/siteserver/cms/issues/1858

x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:39.680Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/siteserver/cms/issues/1858"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the \"as\" substring is deleted."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-21T15:37:38",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/siteserver/cms/issues/1858"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11401",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the \"as\" substring is deleted."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/siteserver/cms/issues/1858",
              "refsource": "MISC",
              "url": "https://github.com/siteserver/cms/issues/1858"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11401",
    "datePublished": "2019-04-21T15:37:38",
    "dateReserved": "2019-04-21T00:00:00",
    "dateUpdated": "2024-08-04T22:55:39.680Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-16055

CVE-2019-11401 (GCVE-0-2019-11401)

Tags

Sightings

Nomenclature