Last active
February 1, 2023 06:53
-
-
Save abbisQQ/d8392acf7e02003e73af973cc9f5f54a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Description] | |
| NOSH 4a5cfdb has a high severity vulnerability in the "practice logo" upload feature | |
| which allows remote authenticated users to upload and execute arbitrary PHP code. | |
| This vulnerability can be exploited by bypassing the client-side checks and uploading a malicious .php file, | |
| leading to RCE and possible server takeover. | |
| [Vulnerability Type] | |
| Unrestricted File Upload | |
| [Vendor of Product] | |
| Michael Shihjay Chen https://github.com/shihjay2/docker-nosh | |
| [Affected Product Code Base] | |
| https://github.com/shihjay2/docker-nosh - Version git-4a5cfdbd73f6a2ab5ee43a33d173c46fe0271533 | |
| [Attack Type] | |
| Remote | |
| [Impact] | |
| Code execution | |
| [Attack Vectors] | |
| The "practice logo" upload functionality is vulnerable to unrestricted file upload, leading to RCE and server takeover. | |
| An attacker can bypass client-side checks and upload .php files for automatic execution. | |
| https://demo.noshchartingsystem.com/ | |
| [Reference] | |
| - https://github.com/abbisQQ/CVE-2023-24610 | |
| - https://github.com/shihjay2/docker-nosh | |
| - https://noshemr.wordpress.com | |
| - https://github.com/shihjay2/nosh2/tree/4a5cfdbd73f6a2ab5ee43a33d173c46fe0271533 | |
| # This vulnerability has a CVSS score of 8.3 | |
| # More information: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L | |
| [Discoverer] | |
| Mr Charalampos Theodorou |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment