(CVE-2019-14755) - Leaf Admin RCE
[Suggested description]
The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows
Unrestricted Upload of a File with a Dangerous Type (CWE-434), leading to
remote code execution by any authenticated user.
------------------------------------------
[Additional Information]
Leaf Admin is a virtual appliance running a web application used to
manage Internet Service Providers (ISPs). It controls which users are
enabled or disabled on the system (for example due to payment issues),
their connection speed, and the financial health of the ISP.
------------------------------------------
[VulnerabilityType Other]
CWE-434: Unrestricted Upload of File with Dangerous Type
------------------------------------------
[Vendor of Product]
Leaf Tecnologias
------------------------------------------
[Affected Product Code Base]
Leaf Admin - 61.9.0212.10 f
------------------------------------------
[Affected Component]
Profile photo upload
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Code execution]
true
------------------------------------------
[Attack Vectors]
To exploit this vulnerability, an attacker needs an account on the system
(any privilege level). Instead of uploading an image as the profile
photo, the attacker uploads a malicious .php file, which the server
accepts without checking its type.
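The fix for this class of bug is on the upload handler, not the client. The following is an added example, not Leaf Admin's code (the advisory does not show the vulnerable handler; only the .php payload tells us the server runs PHP), of the checks a profile-photo upload should perform: an allowlist of image extensions (so .php, .phtml, .phar and everything else is refused by default), a magic-byte check that the body really is the declared image type, rejection of null bytes and path separators in the filename, and storage under a random server-chosen name. The sample uploads and the upload directory are constructed for the demonstration.

```python
import os
import secrets
import tempfile
from typing import Dict, Optional

# Allowlist of image extensions and the leading bytes ("magic") each must carry.
# Anything not listed here is rejected, which is the opposite of a blocklist
# that tries to enumerate dangerous types such as .php and forgets .phtml.
ALLOWED_TYPES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}

# Constructed sample uploads standing in for what a browser would POST
# (hypothetical, not captured from Leaf Admin).
SAMPLE_UPLOADS = {
    "avatar.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,
    "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,
    "shell.php": b"<?php system($_GET['cmd']); ?>",        # the advisory's scenario
    "avatar.php.png": b"<?php echo 'polyglot'; ?>",         # image extension, PHP body
    "avatar.png\x00.php": b"\x89PNG\r\n\x1a\n",             # null-byte truncation trick
    "AVATAR.PHTML": b"<?php phpinfo(); ?>",                 # alternate PHP extension
}


class UploadRejected(ValueError):
    """Raised when an upload fails validation; the message says why."""


def validate_profile_photo(filename: str, data: bytes) -> str:
    """Validate an uploaded photo and return its canonical (lower-case) extension."""
    if "\x00" in filename or "/" in filename or "\\" in filename:
        raise UploadRejected("filename contains a null byte or path separator")
    name = os.path.basename(filename)
    if "." not in name:
        raise UploadRejected("filename has no extension")
    ext = name.rsplit(".", 1)[1].lower()        # only the LAST extension counts
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension .{ext} is not an allowed image type")
    if not data.startswith(ALLOWED_TYPES[ext]):  # bytes.startswith accepts a tuple
        raise UploadRejected(f"content does not look like a .{ext} image")
    return ext


def store_profile_photo(filename: str, data: bytes, upload_dir: str) -> str:
    """Write a validated photo under a random name the client never chose.

    A magic-byte check does not stop a polyglot (a real GIF header followed by
    PHP), so the stored name is random, carries only an allowlisted extension,
    and upload_dir should sit outside the web root or be served with script
    execution disabled. Returns the stored filename.
    """
    ext = validate_profile_photo(filename, data)
    stored = f"{secrets.token_hex(16)}.{ext}"
    path = os.path.join(upload_dir, stored)
    with open(path, "xb") as fh:  # "x": fail rather than overwrite an existing file
        fh.write(data)
    return stored


def check_samples(upload_dir: Optional[str] = None) -> Dict[str, str]:
    """Run every constructed sample through the validator; returns name -> verdict."""
    upload_dir = upload_dir or tempfile.mkdtemp(prefix="upload-demo-")
    verdicts: Dict[str, str] = {}
    for name, body in SAMPLE_UPLOADS.items():
        try:
            stored = store_profile_photo(name, body, upload_dir)
            verdicts[name] = "accepted as " + stored.rsplit(".", 1)[1]
        except UploadRejected as exc:
            verdicts[name] = "rejected: " + str(exc)
    return verdicts


if __name__ == "__main__":
    for name, verdict in check_samples().items():
        print(f"{name!r:24} -> {verdict}")
```

Running the block shows the two real images accepted and the four hostile samples rejected, each with the reason. The random rename matters even when validation passes: with it, no attacker-controlled name ever reaches the filesystem, so web-server quirks around double extensions or case-insensitive handlers have nothing to work with.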
------------------------------------------
[Reference]
http://leaftecnologia.com.br/
http://intruderlabs.com.br/
------------------------------------------
[Discoverer]
Velocista - Intruderlabs (br) team