CVE-2022-23880
Description
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
TaoCMS v3.0.2 suffers from an arbitrary file upload vulnerability in its file management module, allowing remote code execution.
Vulnerability
The File Management function module in TaoCMS v3.0.2, specifically in include/Model/File.php (lines 96 and 77), contains an arbitrary file upload vulnerability [1]. The $this->realpath value is derived from the user-controlled GET parameter path, allowing an attacker to specify arbitrary file paths. Additionally, the filedata POST parameter is directly written to the specified file without proper sanitization or validation. This combination enables an attacker to create and write arbitrary files on the server [1].
Exploitation
To exploit this vulnerability, an attacker must have network access to the TaoCMS application and be able to send crafted HTTP requests. The attacker first sends a GET request to create a new file (e.g., test.php) via the vulnerable file management functionality, using the controlled path parameter to set the file location. Then, the attacker sends a POST request to write arbitrary content (including a PHP webshell) into that file via the filedata parameter [1]. No authentication is explicitly required in the provided reference, though the file management interface typically assumes an admin session in real deployments.
Impact
Successful exploitation allows an attacker to achieve arbitrary file upload and write, leading to remote code execution (RCE) on the underlying web server. The attacker can gain full control over the application and potentially the server, depending on file permissions and server configuration. This compromises the confidentiality, integrity, and availability of the affected system [1].
Mitigation
As of the publication date (2022-03-23), no official patch or fixed version has been released for TaoCMS v3.0.2 [1]. Users should restrict access to the file management interface, implement strong authentication and authorization, and consider disabling the vulnerable functionality if not required. Regular monitoring for updates from the vendor is recommended. This vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the last update.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- taoCMS/taoCMSdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/taogogo/taocms/issues/25mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.