VYPR
Unrated severity · NVD Advisory · Published Nov 27, 2018 · Updated Aug 5, 2024

CVE-2018-17936

Description

In NUUO CMS, all versions 3.3 and prior, the application allows the upload of arbitrary files to the server that can modify or overwrite configuration files, which could allow remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

NUUO CMS versions 3.3 and prior allow arbitrary file upload that can modify configuration files, leading to remote code execution.

Vulnerability

NUUO CMS versions 3.3 and prior [1] include an unrestricted upload of files with dangerous types. The application fails to properly validate uploaded files, allowing an attacker to upload arbitrary files that can modify or overwrite configuration files on the server. This vulnerability is cataloged as path traversal and unrestricted file upload and can be exploited remotely without authentication [1].

Exploitation

An attacker can exploit this vulnerability by sending a crafted HTTP request containing a malicious file (e.g., a PHP script) to the NUUO CMS server. The attacker does not need prior authentication or special privileges. The uploaded file can then be used to overwrite configuration files or execute arbitrary code. The vulnerability is rated as requiring low skill level to exploit [1].

Impact

Successful exploitation allows an attacker to achieve remote code execution with the privileges of the web server. This can lead to full compromise of the affected system, including disclosure of sensitive information, modification of data, or disruption of service. The CVSS v3 base score is 9.8 (Critical), with vectors AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [1].

Mitigation

As of the advisory date (November 27, 2018), the vendor had not released a fix. Users are advised to apply defense-in-depth measures, limit network access to the CMS, and monitor for suspicious activity. The advisory recommends contacting NUUO for an update or patch [1]. No CISA KEV listing was identified for this CVE.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

1
