VYPR
High severity · NVD Advisory · Published Jan 24, 2023 · Updated Apr 2, 2025

CVE-2022-47042

Description

MCMS v5.2.10 and below was discovered to contain an arbitrary file write vulnerability via the component ms/template/writeFileContent.do.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

MCMS v5.2.10 and below allows arbitrary file write via the ms/template/writeFileContent.do component, enabling remote code execution.

Vulnerability Description

MCMS v5.2.10 and earlier contain an arbitrary file write vulnerability in the ms/template/writeFileContent.do endpoint [1][2]. The flaw stems from insufficient validation of file paths and content, allowing an attacker to write arbitrary files to the server filesystem.
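
A sketch of the file-path validation whose absence the description above names, added here as an illustration; it is not MCMS code or the project's fix. The class name `TemplateWriteGuard`, the template root directory and the extension allowlist are assumptions.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Locale;
import java.util.Set;

// Added illustration, not MCMS source. Class name, root directory and allowlist are assumptions.
public class TemplateWriteGuard {
    // Assumption: the editor only ever needs to save static template types.
    private static final Set<String> ALLOWED_EXT = Set.of("htm", "html", "css", "js");
    private final Path root;

    public TemplateWriteGuard(Path templateRoot) throws IOException {
        this.root = templateRoot.toRealPath(); // resolve symlinks once, up front
    }

    /** Returns the vetted target path, or throws SecurityException. */
    public Path resolve(String requested) throws IOException {
        if (requested == null || requested.indexOf('\0') >= 0)
            throw new SecurityException("invalid file name");
        // normalize() collapses "../"; an absolute input replaces root entirely
        Path target = root.resolve(requested).normalize();
        if (!target.startsWith(root) || target.equals(root))
            throw new SecurityException("path escapes template root");
        String name = target.getFileName().toString().toLowerCase(Locale.ROOT);
        String ext = name.contains(".") ? name.substring(name.lastIndexOf('.') + 1) : "";
        if (!ALLOWED_EXT.contains(ext))
            throw new SecurityException("extension not allowed: " + ext);
        // Re-check after symlink resolution; the parent directory must already exist
        Path parent = target.getParent().toRealPath();
        if (!parent.startsWith(root))
            throw new SecurityException("symlink escapes template root");
        return parent.resolve(target.getFileName());
    }

    public void write(String requested, String content) throws IOException {
        Files.write(resolve(requested), content.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws IOException {
        TemplateWriteGuard guard = new TemplateWriteGuard(Files.createTempDirectory("tpl"));
        // Constructed sample inputs
        for (String n : new String[] {"index.htm", "shell.jsp", "../index.htm", "/tmp/a.htm"}) {
            try { guard.resolve(n); System.out.println("ALLOW " + n); }
            catch (SecurityException e) { System.out.println("DENY  " + n + " (" + e.getMessage() + ")"); }
        }
    }
}
```

The guard covers only where a file may be written and with which extension; access control on the endpoint itself is a separate check.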

Exploitation

An attacker can send a crafted HTTP request to the vulnerable endpoint with malicious content and a desired file path [3]. No authentication is required to trigger the vulnerability, as the endpoint is exposed without access controls. This allows an unauthenticated remote attacker to write files such as JSP shells into the web root.

Impact

Successful exploitation leads to arbitrary code execution under the web server privileges, compromising the confidentiality, integrity, and availability of the application and its data. Attackers can gain full control of the MCMS instance.

Mitigation

The vulnerability is fixed in MCMS versions after 5.2.10. Users should upgrade to the latest version. There is no known workaround; patching is the recommended course of action [2].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
net.mingsoft:ms-mcms (Maven) | < 5.2.11 | 5.2.11

Affected products

2

Patches

0

No patches discovered yet.

References

3
