CMS MADE SIMPLE FORGE

SimpleShop

 
Back Back to List

[#12510] RCE via File Upload

avatar
Created By: Marco Nappi (mrcnpp)
Date Submitted: Sat Jan 08 03:31:10 -0500 2022

Assigned To: Yuri Haperski (cmsms)
Version: None
CMSMS Version: None
Severity: Major
Resolution: None
State: Open
Summary:
RCE via File Upload
Detailed Description:
Is possible to upload php file using the image upload features


History

Comments
avatar 
Date: 2022-01-08 04:43
Posted By: Yuri Haperski (cmsms)

Add to the .htaccess file. It should help.
#
# The following are highly recommended security settings for files in your CMSMS
install that should not be browsed directly.
#
RedirectMatch 403 ^/.*\.htaccess$
RedirectMatch 403 ^/.*\.log$
RedirectMatch 403 ^/.*\.ini$
RedirectMatch 403 ^/.*config\.php$
RedirectMatch 403 ^.*/doc/.*$
RedirectMatch 403 ^.*/lib/.*\.php$
RedirectMatch 403 ^.*/tmp/.*\.php$
RedirectMatch 403 ^.*/modules/.*\.php$
RedirectMatch 403 ^.*/uploads/.*\.php$
RedirectMatch 403 ^.*/assets/.*\.php$
RedirectMatch 403 ^.*/assets/.*\.tpl$
avatar 
Date: 2022-01-08 05:29
Posted By: Marco Nappi (mrcnpp)

Thanks i'm just following the default installtion . Btw i belive the regex don't
fully cover all the possible doungeroos files extension for example a file phtml
or a php5 will get ignore by that regex
avatar 
Date: 2022-01-08 07:45
Posted By: Yuri Haperski (cmsms)

I think it is not a problem, because the admin panel is only for trusted users.
But I will possibly fix it in the next release.