
Attack: Umbraco CMS Arbitrary File Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to upload arbitrary files in Umbraco CMS which may result in remote code execution.

Additional Information

Umbraco CMS is an ASP-based content manager.

The application is prone to a vulnerability that lets attackers upload arbitrary files. This issue occurs because the application fails to properly authorize users before allowing them to access the 'codeEditorSave.asmx' script. Attackers can use the 'SaveDLRScript' SOAP action of this script to upload malicious script files to the application.

An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the web server process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
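The condition described above, as an added detection example (not Symantec's signature logic): a check that flags a captured HTTP request when it is a POST to 'codeEditorSave.asmx' that names the 'SaveDLRScript' operation. The URL prefix, host name, namespace values and sample requests are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Script and SOAP action named in the advisory, matched case-insensitively.
SCRIPT_RE = re.compile(r"/codeeditorsave\.asmx(?:/(.*))?$")
ACTION = "savedlrscript"
BODY_RE = re.compile(rb"<(?:[\w.-]+:)?SaveDLRScript[\s/>]", re.I)

def parse_request(raw: bytes):
    """Split a raw HTTP request into (method, target, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) < 2:
        raise ValueError("malformed request line")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return parts[0].upper(), parts[1], headers, body

def matches_signature(raw: bytes) -> bool:
    """True for a POST to codeEditorSave.asmx that names SaveDLRScript."""
    try:
        method, target, headers, body = parse_request(raw)
    except ValueError:
        return False
    # Decode percent-escapes and drop the query string before matching the path.
    match = SCRIPT_RE.search(unquote(target.split("?", 1)[0]).lower())
    if method != "POST" or not match:
        return False
    # SOAP 1.1 names the operation in SOAPAction, SOAP 1.2 in the Content-Type
    # action parameter; the path info after the script name is checked as well.
    declared = " ".join([headers.get("soapaction", ""),
                         headers.get("content-type", ""), match.group(1) or ""])
    # Fall back to the operation element inside the SOAP envelope.
    return ACTION in declared.lower() or BODY_RE.search(body) is not None

def _req(line, headers=(), body=b""):
    """Build a constructed sample request (host and paths are placeholders)."""
    head = "\r\n".join([line, "Host: cms.example.invalid", *headers])
    return (head + "\r\n\r\n").encode() + body

SAMPLES = {  # constructed test traffic, not captured from a real system
    "soap11": _req("POST /cms/codeEditorSave.asmx HTTP/1.1",
                   ['SOAPAction: "http://example.invalid/SaveDLRScript"']),
    "body_only": _req("POST /cms/CODEEDITORSAVE.ASMX HTTP/1.1", ["Content-Type: text/xml"],
                      b"<s:Body><SaveDLRScript xmlns='urn:placeholder'/></s:Body>"),
    "wsdl_get": _req("GET /cms/codeEditorSave.asmx?WSDL HTTP/1.1"),
    "other_op": _req("POST /cms/codeEditorSave.asmx HTTP/1.1",
                     ['SOAPAction: "http://example.invalid/OtherOperation"']),
}
```

Matching only on the script name and operation keeps the check independent of where the CMS is mounted; on an affected installation any hit deserves review because the script does not authorize the caller.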

Affected

  • Umbraco CMS 4.7.0.378
